CVE-2014-8180

Опубликовано: 06 июн. 2017

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.

Ссылки

https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/installation_guide/preparing_your_environment_for_installation#restricting_access_to_mongod
Product
https://bugzilla.redhat.com/show_bug.cgi?id=1301703
Issue Tracking
Patch
Third Party Advisory
VDB Entry
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/installation_guide/preparing_your_environment_for_installation#restricting_access_to_mongod
Product
https://bugzilla.redhat.com/show_bug.cgi?id=1301703
Issue Tracking
Patch
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*

cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 15%

0.00047

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-287

Связанные уязвимости

CVE-2014-8180

redhat

около 10 лет назад

MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.

GHSA-7g8m-5ff5-p3hg

CVSS3: 5.5

github

больше 3 лет назад

MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.

EPSS

Процентиль: 15%

0.00047

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-287