Lucene search

CVE-2021-32039 MongoDB Extension for VS Code may unexpectedly store credentials locally in clear text

🗓️ 20 Jan 2022 14:10:50Reported by mongodbType

MongoDB Extension for VS Code stores credentials in clear tex

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
OSV	CVE-2021-32039	20 Jan 202215:15	–	osv
OSV	BIT-mongodb-2021-32039	6 Mar 202410:57	–	osv
MongoDB	MongoDB Extension for VS Code may unexpectedly store credentials locally in clear text	20 Jan 202200:00	–	mongodb
Cvelist	CVE-2021-32039 MongoDB Extension for VS Code may unexpectedly store credentials locally in clear text	20 Jan 202214:50	–	cvelist
Prion	Code injection	20 Jan 202215:15	–	prion
NVD	CVE-2021-32039	20 Jan 202215:15	–	nvd
CVE	CVE-2021-32039	20 Jan 202215:15	–	cve

[
  {
    "cpes": [
      "cpe:2.3:a:mongodb:mongodb:-:*:*:*:*:*:*:*"
    ],
    "vendor": "mongodb",
    "product": "mongodb",
    "versions": [
      {
        "status": "affected",
        "version": "-"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
github	www.github.com/mongodb-js/vscode/releases/tag/v0.8.0
jira	www.jira.mongodb.org/browse/VSCODE-313

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Jan 2022 14:50Current

5.4Medium risk

Vulners AI Score5.4

CVSS35.5

EPSS0.00136

SSVC

CWE-522

cve-2021-32039 mongodb vs code clear text unauthorized access