Download
| Alert*
|
oval:org.secpod.oval:def:2004190
Improper serialization of internal state in the authorization subsystem in MongoDB Server"s authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechanisms following administrative action. This issue affects: MongoDB Inc. MongoDB Server 4.2 versions prio ... oval:org.secpod.oval:def:63839 The host is installed with MongoDB 4.2 before 4.2.3, 4.0 before 4.0.15 or 3.6 before 3.6.18 and is prone to a collapse of data into unsafe value vulnerability. A flaw is present in the application which fails to handle IP whitelisting protection mechanisms. Successful exploitation allows a user with ... |
