Lucene search
+L

7 matches found

ibm
ibm
added 2021/09/03 1:57 p.m.17 views

Security Bulletin: IBM Cloud Private is vulnerable to MongoDB vulnerabilities (CVE-2020-7924)

Summary IBM Cloud Private is vulnerable to MongoDB vulnerabilities Vulnerability Details CVEID: CVE-2020-7924 DESCRIPTION: MongoDB Database Tools could allow a remote attacker to bypass security restrictions, caused by a flaw in the usage of specific command line parameter. By sending a...

6.5CVSS0.7AI score0.00691EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2021/04/12 8:16 p.m.29 views

CVE-2020-7924

A validation flaw was found in mongodb. Due to the incorrect behavior of a specific command-line parameter in MongoDB Tools, which was originally intended to just skip hostname checks, all certificate validations by MongoDB could be skipped. The highest threat from this vulnerability is to data...

6.5CVSS1.1AI score0.00691EPSS
Exploits0References4
nvd
nvd
added 2021/04/12 5:15 p.m.27 views

CVE-2020-7924

Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...

6.5CVSS0.00691EPSS
Exploits0References1
osv
osv
added 2021/04/12 5:15 p.m.18 views

CVE-2020-7924

Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...

6.5CVSS5.1AI score
Exploits0References1
vulnrichment
vulnrichment
added 2021/04/12 4:25 p.m.12 views

CVE-2020-7924 Specific command line parameter might result in accepting invalid certificate

Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...

4.2CVSS5.3AI score0.00691EPSS
Exploits0References1
cve
cve
added 2021/04/12 4:25 p.m.87 views

CVE-2020-7924

CVE-2020-7924 describes an improper certificate validation flaw in MongoDB Tools caused by using a command-line parameter that was intended to skip hostname checks but can cause all certificate validation to be bypassed. Affected are MongoDB Database Tools versions: 3.6.x after 3.6.5 and before 3...

6.5CVSS5.2AI score0.00691EPSS
Exploits0References1Affected Software2
cvelist
cvelist
added 2021/04/12 4:25 p.m.19 views

CVE-2020-7924 Specific command line parameter might result in accepting invalid certificate

Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in accepting invalid certificates.This issue affects: MongoDB Inc. MongoDB Database Tools 3.6 versions...

4.2CVSS6.4AI score0.00691EPSS
Exploits0References1
Rows per page
Query Builder