BIT-mongodb-2026-9751

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/mongodb/BIT-mongodb-2026-9751.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-mongodb-2026-9751
Aliases
  • CVE-2026-9751
Published
2026-06-13T08:45:05.762Z
Modified
2026-06-13T09:15:06.592906698Z
Summary
Sensitive data could be written to mongod.log
Details

The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text.

Database specific
{
    "severity": "Medium",
    "cpes": [
        "cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*"
    ]
}
References

Affected packages

Bitnami / mongodb

Package

Name
mongodb
Purl
pkg:bitnami/mongodb

Severity

  • 6.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
7.0.0
Fixed
7.0.35
Introduced
8.0.0
Fixed
8.0.24
Introduced
8.2.0
Fixed
8.2.10
Introduced
8.3.0
Fixed
8.3.3

Database specific

source
"https://github.com/bitnami/vulndb/tree/main/data/mongodb/BIT-mongodb-2026-9751.json"