Описание
Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.
An authentication issue was found in MongoDB. The improper handling of LDAP authentication in MongoDB Enterprise versions 3.0.0 through 3.0.6 can allow an unauthenticated client to gain unauthorized access. The MongoDB Community Edition is not affected by this vulnerability.
Отчет
All versions of the following products which include mongodb include only MongoDB's Community edition, and are therefore not affected by this vulnerability:
- Red Hat OpenStack Platform
- Red Hat Software Collections
- Red Hat Update Infrastructure
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | mongodb | Not affected | ||
| Red Hat OpenStack Platform 10 (Newton) | mongodb | Not affected | ||
| Red Hat OpenStack Platform 9 (Mitaka) | mongodb | Not affected | ||
| Red Hat Satellite 6 | mongodb | Not affected | ||
| Red Hat Software Collections | rh-mongodb34-mongodb | Not affected | ||
| Red Hat Software Collections | rh-mongodb36-mongodb | Not affected | ||
| Red Hat Update Infrastructure 3 for Cloud Providers | mongodb | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
9.1 Critical
CVSS3
Связанные уязвимости
Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.
Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.
Improper handling of LDAP authentication in MongoDB Server versions 3. ...
Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.
EPSS
9.1 Critical
CVSS3