Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.

**Please read carefully and check if the version of your OTRS system is affected by this vulnerability.**

**Please send information regarding vulnerabilities in OTRS to: security@otrs.org**

**PGP Key**

*   pub 2048R/9C227C6B 2011-03-21
*   uid OTRS Security Team <security@otrs.org\>
*   GPG Fingerprint E330 4608 DA6E 34B7 1551 C244 7F9E 44E9 9C22 7C6B

**Security Advisory Details**

*   ID: OSA-2021-10
*   Date: 2021-07-26 (initial), 2021-09-06 (update)
*   Title: Support Bundle includes S/Mime and PGP keys and secrets
*   Severity: 5.2 MEDIUM
*   Product: OTRS 8.0.x, OTRS 7.0.x
*   Fixed in: OTRS 8.0.16, OTRS 7.0.29
*   FULL CVSS v3.1 VECTOR: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
*   References: CVE-2021-21440, CVE-2021-36096
*   Ticket#2021050342000331, Ticket#2021072642001436

**OSA-2021-10 Support Bundle includes S/Mime and PGP keys and secrets (CVE-2021-21440,CVE-2021-36096)**

**PRODUCT AFFECTED:**

This issue affects ((OTRS)) Community Edition 6.0.x.

This issue affects OTRS 7.0.x, 8.0.x.

**PROBLEM:**

Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. Also secrets and PIN for the keys are not masked properly.

This issue affects:

OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions.

OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions.

This issue was seen during production usage.

This issue has been assigned CVE-2021-21440 and CVE-2021-36096

**SOLUTION:**

Update to OTRS 8.0.16 or OTRS 7.0.29.  
This issue is being tracked as 2021050342000331 and 2021072642001436

**MODIFICATION HISTORY:**

*   2021-07-26: Initial Publication.
*   2021-09-06: Update for CVE-2021-36096

*   CVE-2021-21440 at cve.mitre.org
*   CVE-2021-36096 at cve.mitre.org
*   https://otrs.com/release-notes/otrs-security-advisory-2021-10/

**CVSS SCORE:**

5.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N)

**RISK LEVEL:**

MEDIUM

**ACKNOWLEDGEMENTS:**

Julian Droste

Mathias Terlinde

CVE-2021-21440: OTRS Security Advisory 2021-10 | OTRS

An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR), with the potential of exposing internal content elements.

Tue. 15th February, 2022 

It has been discovered that the extension "Varnishcache" (varnishcache) is susceptible to Insecure direct object reference.

*   Release Date: February 15, 2022
*   Component Type: Third party extension. This extension is not a part of the TYPO3 default installation.
*   Component: "Varnishcache" (varnishcache)
*   Vulnerability Type: Insecure direct object reference
*   Affected Versions: 2.0.0 and below
*   Severity: Medium
*   Suggested CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
*   References: CVE-2022-24979

**Problem Description**

The Edge Site Includes (ESI) content element renderer component of the extension does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR) with the potential of exposing internal content elements.

**Solution**

An updated version 2.0.1 is available from the TYPO3 extension manager, Packagist and at  
https://extensions.typo3.org/extension/download/varnishcache/2.0.1/zip  
Users of the extension are advised to update the extension as soon as possible.

**Credits**

Thanks to Security Team Member Torben Hansen for reporting the issue and to Mittwald CM Service  for providing an updated version of the extension.

**General Advice**

Follow the recommendations that are given in the TYPO3 Security Guide. Please subscribe to the typo3-announce mailing list.

CVE-2022-24979: Insecure direct object reference in extension "Varnishcache" (varnishcache)

Documents obtained by WIRED show SafeGraph, which sold location data related to Planned Parenthood visits, is now pursuing contracts with the US Air Force.

In its early years, SafeGraph sold direct access to individualized location traces tied to device IDs. SafeGraph has historically denied any links to law enforcement. “Contrary to some belief, we don’t have any law enforcement customers,” Hoffman, the founder, wrote in 2022. However, this kind of data, sold by other vendors, has reportedly been purchased by the FBI, Immigration and Customs Enforcement, and local police. 

In 2019, it spun off a subsidiary company called Veraset, which took over SafeGraph’s relationships with data providers, such as apps and other data brokers, and its business selling individualized data. The SafeGraph brand then shifted to selling aggregated and processed products based in part on Veraset’s raw data.

The AFWERX contract is the first publicly reported relationship between SafeGraph and the US military, but the company has a history of working with other government agencies. In 2018, it sold two years of raw data to the Illinois Department of Transportation. In the first months of the Covid-19 pandemic, it inked a $420,000 deal with the Centers for Disease Control. Meanwhile, Veraset gave raw, individualized data about millions of people to the Washington, DC, Department of Health and other agencies around the country. And in 2020 and 2021, Santa Clara County used SafeGraph data to monitor attendance at a local church as part of a broader effort to enforce Covid restrictions. Materials shared with the Air Force mention relationships with the US Department of Agriculture, the Federal Reserve Bank, and the Los Angeles County, New York City, and New Jersey governments. 

SafeGraph has also shown interest in the homeland security business. In 2022, it cosponsored the Institute for Defense and Government Advancement’s Homeland Security Week, a trade show and expo that connects security contractors with top federal and local law enforcement officials. In a joint video presentation with Department of Homeland Security contractor GoTenna, a SafeGraph representative advertised “strategic intelligence” to help border patrol agents monitor US “points of entry” and areas that can’t be watched in other ways. 

In May 2022, Vice revealed that SafeGraph was selling access to aggregated counts of where people were before and after visiting abortion clinics, including Planned Parenthood. In response, 14 US senators sent the company a letter demanding answers about its business practices, and SafeGraph promised to stop selling data about abortion clinic visitors.

Although SafeGraph is best known for dealing in cell-phone-based location data, its pitch to the Air Force makes little mention of data about human movement—the only direct reference is a slide that says it can help “analyze human activity for Landing Zone (LZ) selection,” without explaining what that means. But SafeGraph has recently expanded its business to incorporate other kinds of data as well. For example, in 2022, it launched Spend, a product that profiles the customers of brick-and-mortar stores, including what they spend, what wireless carriers they use, and whether they take out short-term “buy now, pay later” loans. 

In its slide deck for the Air Force, SafeGraph also claims to use a “global language model” able to “ingest data from 193 countries” and “100+ languages” to augment its data about physical places using “web-crawling and Machine Learning.” In response to a question about outstanding challenges, it said it plans to build “deeper language models” to help it gather data about places of interest to the Air Force, such as the Middle East.

SafeGraph is funded in part by the CIA-backed venture capital firm In-Q-Tel, and In-Q-Tel head of investments George Hoyem sits on SafeGraph’s board, according to its slide deck. SafeGraph has also received investments from a motley crew including Peter Thiel, Sam Harris, former Republican House majority leader Eric Cantor, and former Saudi Arabian intelligence chief Prince Turki bin Faisal Al Saud. SafeGraph’s last funding round valued the company at $370 million, according to the records.

In a post-contract questionnaire, SafeGraph told AFWERX it had met eight times with various parts of the Air Force to discuss the use of its products. It now plans to apply for a larger Phase 2 contract with the Air Force in the third quarter of 2023, targeting Task Force 99 of the Al Udeid Air Base in Qatar. The records also mention the possibility of a facility security clearance, which would allow SafeGraph to access classified information directly.

SafeGraph Lands US Air Force Contract After Targeting Abortion Clinics

Following the Volt Typhoon attacks on critical infrastructure in the region by China, the US reportedly will share cybersecurity threat information with both countries.

Source: Viacheslav Lopatin via Shutterstock

The US, Japan, and the Philippines reportedly will join forces in cybersecurity defense with a strategic cyber threat-sharing arrangement in the wake of rising attacks by China, North Korea, and Russia.

The initiative will launch during high-level trilateral talks between US President Joe Biden, Japanese Prime Minister Fumio Kishida, and Philippine President Ferdinand Marcos Jr. during a trilateral summit in Washington this week, according to the English-language version of the Nihon Keizai Shimbun. The cyber alliance comes on the heels of Volt Typhoon, a group of cyberattackers linked to China's military, targeting critical infrastructure networks in the Philippines and US territories in the region.

Over the past three months, the number of cyberattack attempts against national government agencies in the Philippines has increased 20% week over week, according to data from Trend Micro shared with Dark Reading. 

"Traditional US allies in Asia — Japan, Taiwan, Philippines — are of high interest to Chinese-aligned attackers," says Robert McArdle, director of forward-looking threat research with the cybersecurity firm. "There has been an increase in tensions in the region recently as well as important political events including presidential elections that China maintains interest in."

The cybersecurity concerns come as geopolitical tensions have ratcheted up in the region. China has both expanded its military presence, especially with its claims to large sections of the South China Sea — as far away as 1,000 km from its mainland and encroaching on Philippines territory. The military buildup has been matched by increases in cyberattacks by Chinese state-sponsored actors, such as Mustang Panda, which compromised a Philippines government agency last year. The widespread Volt Typhoon attacks have claimed critical infrastructure networks in the Philippines, US, UK, and Australia.

**Philippines at Risk**

The dispute over the South China Sea comes at a time when the Philippines has seen significant growth in its technology development and business sectors and increased urbanization and Internet access, says Myla Pilao, director for technical marketing for Trend Micro, who works in the company's Manila office.

"This growth path, \[however\], also presents challenges including service reliability, workforce skills shortages, and data/privacy management issues \[that\] make the Philippine ecosystem a more vulnerable target," she says.

With greater reliance on the Internet and technology comes greater cyber threats. Last May, Microsoft warned that Volt Typhoon, an advanced persistent threat (APT) group linked to China's military, had infiltrated critical-infrastructure networks, possibly as a way to pre-position cyber-operations teams in foreign networks prior to an outbreak in hostilities.

Volt Typhoon is a severe threat to critical infrastructure in the region, raising the priority of information sharing, says Lisa J. Young, an APAC intelligence officer with the Financial Services Information Sharing and Analysis Center (FS-ISAC).

"This trilateral agreement specifically calls out cyber threats targeting critical infrastructure," she says. "As the nature of warfare evolves, tactics increasingly incorporate an online element through cyber-attacks and mis- \[or\]disinformation campaigns, with an increasingly fragmented array of actors. Governments are working to adapt by incorporating both defensive and offensive cyber capabilities."

**US "Hunt Forward" Initiative**

The cyber agreement with the Philippines is not a new strategy: The United States and Japan already have entered into trilateral talks with South Korea in July and August, when the three governments agreed to consult on regional threats and share data on foreign information-manipulation. Japan and South Korea also have joined NATO's Cooperative Cyber Defense Center of Excellence (CCDCOE) in 2018 and 2022, respectively, where allies regularly share cyber threat intelligence.

The trilateral agreements with South Korea and the Philippines are aligned with a part of the US strategy known as "Hunt Forward," where the US Cyber Command deploys military cybersecurity specialists to allies to hunt for malicious cyber activity. So far, more than two dozen allies have hosted Hunt Forward teams, and their deployment will likely raise tensions, Jason Bartlett, a research associate in the Atlantic Council's Energy, Economics, and Security for a New American Security group, said in an analysis in August.

"Incorporating 'Hunt Forward' operations within US cyber strategy with allies in the Indo-Pacific will most likely agitate already sensitive ties between Southeast Asia and China, but the United States needs to increase its cyber presence in the region due to its constant exposure to illicit cyber activity," Bartlett said. "Numerous state-sponsored hackers, especially from North Korea, have operated from within Southeast Asia and other regions in the Indo-Pacific for years with little punitive backlash from local and national governments."

The trilateral agreement tackles both cybercrime — especially from North Korea — and nation-state cyberattacks from China, Russia, and North Korea, and works towards isolating bad actors in China, says FS-ISAC's Young.

"This joint framework among the US, Japan, and the Philippines is a step towards strengthening cyber defenses, mitigating potential attacks, and shoring up supply chains to reduce dependence on China," she says. "Information sharing across the public and private sectors remains that best way to ensure collective protection of critical infrastructure sectors against the evolving threat landscape."

**About the Author(s)**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Japan, Philippines &amp; US Forge Cyber Threat Intel-Sharing Alliance

GitHub security alert: Malicious code found in ‘tj-actions/changed-files,’ impacting 23K+ repos. Learn how to check, remove, and protect…

GitHub security alert: Malicious code found in ‘tj-actions/changed-files,’ impacting 23K+ repos. Learn how to check, remove, and protect your CI/CD pipelines.

Research firm StepSecurity’s CI/CD security solution Harden-Runner recently uncovered a security vulnerability within a GitHub Action, “tj-actions/changed-files,” used in over 23,000 repositories. The vulnerability allows remote attackers to discover secrets by reading action logs.

The vulnerability, identified as CVE-2025-30066, affected all versions of the compromised Action. For your information, this action identifies files modified within pull requests or commits, allowing development teams to trigger processes like testing or deployments based on specific file changes. This approach enhances the efficiency of continuous integration and continuous delivery pipelines

As per StepSecurity’s research, the malicious code focused on infiltrating the Runner.Worker process, designed to extract secrets, passwords, and authentication tokens exposed during CI/CD execution. In many scenarios, these sensitive details were likely made publicly accessible, potentially granting unauthorized individuals access to critical systems and internal services. 

The timeline of the compromise began with the introduction of a malicious commit, disguised as a routine Dependabot update, on March 14th. Immediately following this, all Action tags were redirected to point towards the compromised commit, placing a significant number of repositories at risk. Suspicious activity was subsequently flagged by the community, indicating the Action was exfiltrating environment variables and secrets.

Approximately twelve hours after this discovery, the repository was taken offline, effectively preventing further downloads of the compromised version. While the exact initiator of the takedown remains unclear, the repository was reactivated on March 16th, following the removal of the malicious commit. However, by this point, an estimated 23,000 repositories had already been exposed.

Due to the action’s widespread use, public GitHub repositories with enabled GitHub Actions were placed at considerable risk. The tj-actions maintainers claim that an attacker breached a GitHub personal access token (PAT) used by a bot with access to the repository.

GitHub responded by removing the compromised Action, necessitating users to seek alternative solutions. This removal, however, introduced potential disruptions to CI pipelines, particularly for those relying on non-cached versions.

Endor Labs exclusively published a blog post for its users, providing specific guidance on mitigating the impact. Customers utilizing the Endor Labs GitHub App were advised to search their dependencies for “tj-actions/changed-files” within the Endor Labs dashboard. Those using CI or CLI scanning were instructed to configure CI scanning with specific parameters to identify affected repositories. Additionally, auditing GitHub logs for suspicious IP addresses and rotating active secrets were recommended.

The primary objective of the attackers was likely to compromise the software supply chain, targeting open-source libraries, binaries, and artefacts generated by the affected CI pipelines, Dimitri Stiliadis, CTO and co-founder of Endor Labs, shared with his analysis Hackread.com.

“The attacker was likely not looking for secrets in public repositories — they are already public. They were likely looking to compromise the software supply chain for other open-source libraries, binaries, and artefacts created with this. Any public repository that creates packages or containers as part of a CI pipeline could have been impacted. That means potentially thousands of open source packages have the potential to have been compromised,” Stiliadis explained.

Organizations not utilizing Endor Labs were also advised to take immediate action. This included inspecting GitHub Actions workflows for the compromised Action, removing it from all branches, auditing past CI workflows for signs of compromise, and rotating any exposed secrets.

Malicious Code Hits ‘tj-actions/changed-files’ in 23,000 GitHub Repos

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.



Wiki Communication

*   Pages

**Page tree**

Browse pages

*   

1.  Pages

Skip to end of banner

*   
*   Jira links

Go to start of banner

Skip to end of metadata

*   Created by Aryhe Segal, last modified on Jun 21, 2022

Go to start of metadata

**_Sorry. The page you are looking for is not available._****Please try the links below**

**SAP Community**

view SAP Community

**SAP Support**

help SAP Support

**SAP Business By Design**

edit Business By Design

**If all else fails, contact the Support Team at PSWIKI@sap.com**

*   No labels

Overview

Content Tools

*   Powered by Atlassian Confluence 7.13.14
*   Printed by Atlassian Confluence 7.13.14
*   Report a bug
*   Atlassian News

Atlassian

*   Privacy
*   Terms of Use
*   Legal Disclosure
*   Copyright
*   Trademark

CVE-2022-22531: Community Wiki Sunset - Wiki Communication

BillQuick customers blindsided by recently patched web security flaw

SQL injection flaw in billing software app tied to US ransomware infection

Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to brute force user login credentials as rest resources did not check if users were beyond their max failed login limits and therefore required solving a CAPTCHA in addition to providing user credentials for authentication via a improper restriction of excess authentication attempts vulnerability.

*   **Type: **![](https://jira.atlassian.com/secure/viewavatar?size=xsmall&avatarId=98192&avatarType=issuetype "Public Security Vulnerability") Public Security Vulnerability
    

*   **Priority: **![](https://jira.atlassian.com/images/icons/priorities/low.svg "Low - Low priority issues") Low
    
*   **Resolution:** Fixed
    
*   **Affects Version/s:** 4.8.0
    

*   **Component/s:** None
    

Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to brute force user login credentials as rest resources did not check if users were beyond their max failed login limits and therefore required solving a CAPTCHA in addition to providing user credentials for authentication via a improper restriction of excess authentication attempts vulnerability

**Affected versions:**

*   version < 4.8.9

**Fixed versions:**

*   4.8.9

is related to

![Public Security Vulnerability - ](https://jira.atlassian.com/secure/viewavatar?size=xsmall&avatarId=98192&avatarType=issuetype "Public Security Vulnerability - ") FE-7387 CVE-2021-43958: Various rest resources missing CAPTCHA for failed user login attempts

*   ![Low - Low priority issues](https://jira.atlassian.com/images/icons/priorities/low.svg "Low - Low priority issues")
*   Published

relates to

 ![](https://jira.atlassian.com/s/u0aaim/820006/1rg1jpn/8.20.6/_/download/resources/com.atlassian.jira.jira-view-issue-plugin:linkingmodule/throbber)VULN-564011 Loading...

CVE-2021-43958: [CRUC-8523] CVE-2021-43958: Various rest resources missing CAPTCHA for failed user login attempts

Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy

Back to Main Menu

Huawei Websites

Corporate

Corporate news and information

Consumer

Phones, laptops, tablets, wearables & other devices

Enterprise

Enterprise products, solutions & services

Carrier

Products, solutions & services for carrier networks

Huawei Cloud

Cloud products, solutions & services

*   SA No:huawei-sa-IAViaHCW-21a3acd8-en
*   Initial Release Date: 2022-11-30
*   Last Release Date: 2022-11-30

  

Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file. (Vulnerability ID:HWPSIRT-2022-62345)  
This vulnerability has been assigned a (CVE) ID: CVE-2022-45874

Affected Product

Affected Version

Resolved Versions

Aslan-AL10

Aslan-AL10-OTA 11.1.0.118(C00M06)-11.1.0.10118(C00M06)  

Aslan-AL10 11.1.0.135(C00M08)  

Aslan-AL10 11.1.0.118(C00M06)  

  

Aslan-AL10

Aslan-AL10-OTA 11.1.0.118(C00M06)-11.1.0.10118(C00M06)

Aslan-AL10-OTA 11.1.0.135(C00M08log)-11.1.0.10135(C00M08log)

Aslan-AL10

Aslan-AL10-OTA 11.1.0.118(C00M06)-11.1.0.10118(C00M06)

Aslan-AL10-OTA 11.1.0.135(C00M08log)-11.1.0.10135(C00M08log)

HWPSIRT-2022-62345:  
Successful exploit could allow the attacker to access certain file.

Vulnerabilities are scored base on the CVSS v3.1 scoring system. For details please refer to: http://www.first.org/cvss/specification-document.  
HWPSIRT-2022-62345:  
Base score:8.4  
Temporary score:7.8  
Environmental Score:NA  
CVSS v3.1 Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

HWPSIRT-2022-62345:  
This vulnerability can be exploited only when the following conditions are present:   
The attacker needs to install the app locally.  
Technical details:  
Huawei Aslan Children's Watch has an improper authorization vulnerability. An attacker can install the app locally to exploit this vulnerability. Successful exploit could allow the attacker to access certain file.

The product that supports automatic update will receive a system update prompt. You can install the update to fix the vulnerability.  

HWPSIRT-2022-62345:  
This vulnerability was discovered by Huawei internal tester.

2022-11-30 V1.0 Initial Release;  

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.

To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.

This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.

CVE-2022-45874: Security Advisory - Improper Authorization Vulnerability in a Huawei Children's Watch

MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information.
The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its incident response

Cyber Attack / Data Security

MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information.

The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its incident response efforts.

It further noted that "this unauthorized access has been going on for some period of time before discovery," but emphasized it's not "aware of any exposure to the data that customers store in MongoDB Atlas.". It did not disclose the exact time period of the compromise.

In light of the breach, MongoDB recommends that all customers be on the lookout for social engineering and phishing attacks, enforce phishing-resistant multi-factor authentication (MFA), as well as rotate their MongoDB Atlas passwords.

That's not all. The company said it's also experiencing elevated login attempts that are causing issues for customers attempting to log in to Atlas and our Support Portal. It, however, said the problem is unrelated to the security event.

The Hacker News has reached out to MongoDB for additional comments, and we will update the story if we hear back.

_(This is a developing story. Please check back for more updates.)_

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Search

lenovo warranty check/lookup | check warranty status | lenovo support us