Korean
<< Back
VID 25319
Severity 40
Port 27017
Protocol TCP
Class DB
Detailed Description The version of the remote MongoDB server is 3.1.x prior to 3.1.9. It is, therefore, affected by an unspecified flaw in LDAP authentication. An attacker may exploit this to gain unauthorized access to a MongoDB instance or cluster.

* References:
https://jira.mongodb.org/browse/SERVER-20691

* Platforms Affected:
MongoDB 3.1.x prior to 3.1.9
Any operating system Any version
Recommendation Upgrade to the latest version of MongoDB(3.1.9 or later), available from the MongoDB Web page at https://www.mongodb.com/download-center/community
Related URL CVE-2015-7882 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)