7 matches found
Security Bulletin: IBM Cloud Private is vulnerable to MongoDB vulnerabilities (CVE-2020-7924)
Summary IBM Cloud Private is vulnerable to MongoDB vulnerabilities Vulnerability Details CVEID: CVE-2020-7924 DESCRIPTION: MongoDB Database Tools could allow a remote attacker to bypass security restrictions, caused by a flaw in the usage of specific command line parameter. By sending a...
CVE-2020-7924
A validation flaw was found in mongodb. Due to the incorrect behavior of a specific command-line parameter in MongoDB Tools, which was originally intended to just skip hostname checks, all certificate validations by MongoDB could be skipped. The highest threat from this vulnerability is to data...
CVE-2020-7924
Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...
CVE-2020-7924
Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...
CVE-2020-7924 Specific command line parameter might result in accepting invalid certificate
Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...
CVE-2020-7924
CVE-2020-7924 describes an improper certificate validation flaw in MongoDB Tools caused by using a command-line parameter that was intended to skip hostname checks but can cause all certificate validation to be bypassed. Affected are MongoDB Database Tools versions: 3.6.x after 3.6.5 and before 3...
CVE-2020-7924 Specific command line parameter might result in accepting invalid certificate
Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...