VYPR
Medium severity5.5OSV Advisory· Published Oct 3, 2016· Updated Jun 17, 2026

CVE-2016-6494

CVE-2016-6494

Description

The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • MongoDB/MongoDBOSV3 versions
    0.9.1, 1.7-cut, 3.0.6-rc1, …+ 2 more
    • (no CPE)range: 0.9.1, 1.7-cut, 3.0.6-rc1, …
    • cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*range: <3.0.15
    • (no CPE)
  • cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.