CVE-2026-9751
Sensitive data could be written to mongod.log
The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Productos afectados
MongoDB · MongoDB Server¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →