7 matches found
MongoDB 5.0.x < 5.0.31 / 6.0.x < 6.0.20 / 7.0.x < 7.0.14 / 7.3.x < 7.3.4 Improper Access Control (SERVER-103151)
The version of MongoDB installed on the remote host is 5.0 prior to 5.0.31, 6.0 prior to 6.0.20, 7.0 prior to 7.0.14, 7.3 prior to 7.3.4. It is, therefore, affected by a vulnerability as referenced in the SERVER-103151 advisory. - A user authorized to access a view may be able to alter the intend...
CVE-2025-3082
A user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version...
CVE-2025-3082
creationtimestamp| type| source ---|---|--- 2025-04-01 11:34:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9875 2025-04-01 16:23:21+00:00| seen| https://t.me/cvedetector/21754 2025-04-02 23:09:18+00:00| seen| https://bsky.app/profile/omo.bsky.social/post/3lluiyzj2ms2x...
CVE-2025-3082 User may override a view's collation and gain unauthorized access to underlying data
A user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version...
CVE-2025-3082 User may override a view's collation and gain unauthorized access to underlying data
A user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version...
CVE-2025-3082
CVE-2025-3082 affects MongoDB Server versions prior to fixes: 5.0.31, 6.0.20, 7.0.14, and 7.3.4. A user with view access can alter the intended collation, allowing access to a different or unintended view of underlying data. The vulnerability is rooted in improper access control during view colla...
CVE-2025-3082 User may override a view's collation and gain unauthorized access to underlying data
A user authorized to access a view may be able to alter the intended collation, allowing them to access to a different or unintended view of underlying data. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.20, MongoDB Server v7.0 version...