CVE-2023-0342

LOW

MongoDB Ops Manager <5.0.21, <6.0.12 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-0342. PoCs published by h00die, including Metasploit module auxiliary/gather/mongodb_ops_manager_diagnostic_archive_info.

AI-analyzed exploit summary This Metasploit module exploits an information disclosure vulnerability in MongoDB Ops Manager by retrieving diagnostic archives that contain unredacted SAML SSL PEM key file passwords. It requires valid API credentials with specific roles.

Description

MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves. This issue affects MongoDB Ops Manager v5.0 prior to 5.0.21 and MongoDB Ops Manager v6.0 prior to 6.0.12

Exploits (1)

metasploit WORKING POC
by h00die · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/mongodb_ops_manager_diagnostic_archive_info.rb

This Metasploit module exploits an information disclosure vulnerability in MongoDB Ops Manager by retrieving diagnostic archives that contain unredacted SAML SSL PEM key file passwords. It requires valid API credentials with specific roles.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: MongoDB Ops Manager v5.0 prior to 5.0.21 and v6.0 prior to 6.0.12
Auth required
Prerequisites: Valid API credentials with GLOBAL_MONITORING_ADMIN or GLOBAL_OWNER roles · Access to MongoDB Ops Manager API
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 3.1
EPSS 0.0089
EPSS Percentile 54.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-497
Status published
Products (1)
mongodb/ops_manager_server 5.0.0 - 5.0.21
Published Jun 09, 2023
Tracked Since Feb 18, 2026