5 matches found
Security Bulletin: A Security Vulnerability affects IBM Cloud Private Core Services (CVE-2019-2386)
Summary A Security Vulnerability affects IBM Cloud Private Core Services Vulnerability Details CVEID: CVE-2019-2386 DESCRIPTION: MongoDB Server could allow a remote authenticated attacker to bypass security restrictions, caused by improper session management. By reusing an established session of...
MongoDB 3.4 < 3.4.22, 3.6 < 3.6.13, 4.0 < 4.0.9, 4.1 < 4.1.9 User Session Vulnerability - Linux
MongoDB is prone to a vulnerability where after user deletion the improper invalidation of authorization sessions allows an authenticated user SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
MongoDB 3.4 < 3.4.22, 3.6 < 3.6.13, 4.0 < 4.0.9, 4.1 < 4.1.9 User Session Vulnerability - Windows
MongoDB is prone to a vulnerability where after user deletion the improper invalidation of authorization sessions allows an authenticated user SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
CVE-2019-2386
After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones. This issue affects MongoDB Server v4.0 versions prior to 4.0.9;...
CVE-2019-2386
CVE-2019-2386 affects MongoDB Server: after user deletions, improper invalidation of authorization sessions can allow a previously active session to persist and merge with new accounts if names are reused. Impact details in the sources indicate affected versions are MongoDB Server v4.0 before 4.0...