CVE-2023-0342 — LOW (3.1) — White Hats Nepal

Q: How severe is CVE-2023-0342?

CVE-2023-0342 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-0342?

Check the references section above for vendor advisories and patch information. Affected products include: Mongodb Ops Manager Server.

Vulnerability Description

MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves. This issue affects MongoDB Ops Manager v5.0 prior to 5.0.21 and MongoDB Ops Manager v6.0 prior to 6.0.12

CVSS Score

3.1

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Mongodb	Ops Manager Server	>= 5.0.0, < 5.0.21

Related Weaknesses (CWE)

CWE-497

References

FAQ

What is CVE-2023-0342?

CVE-2023-0342 is a vulnerability with a CVSS score of 3.1 (LOW). MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves. This issue affects MongoDB Ops Manager v5.0 prior...

How severe is CVE-2023-0342?

CVE-2023-0342 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-0342?

Check the references section above for vendor advisories and patch information. Affected products include: Mongodb Ops Manager Server.