2 matches found
CVE-2021-20331 MongoDB C# Driver may publish events containing authentication-related data to a command listener configured by an application
Specific versions of the MongoDB C Driver may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when commands such as "saslStart", "saslContinue", "isMaster", "createUser",...
CVE-2021-20331
CVE-2021-20331 affects the MongoDB C# Driver versions 2.12.x up to and including 2.12.1. Root cause: when an application enables the command listener, certain authentication-related events (saslStart, saslContinue, isMaster, createUser, updateUser) may be published and may contain sensitive data....