Unrated severityNVD Advisory· Published Jul 4, 2013· Updated Jun 16, 2026
CVE-2013-4650
CVE-2013-4650
Description
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:mongodb:mongodb:2.4.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:mongodb:mongodb:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:mongodb:mongodb:2.5.0:*:*:*:*:*:*:*
- (no CPE)range: <2.4.5,<2.5.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.