First published: Fri Jul 19 2019(Updated: )
Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MongoDB MongoDB | >=3.0.0<=3.0.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2015-7882 is high with a CVSS score of 8.1.
CVE-2015-7882 allows an unauthenticated client to gain unauthorized access to MongoDB Server versions 3.0.0 to 3.0.6.
To fix the vulnerability in MongoDB Server versions 3.0.0 to 3.0.6, it is recommended to upgrade to a version higher than 3.0.6.
The Common Vulnerabilities and Exposures (CVE) ID for this vulnerability is CVE-2015-7882.
The CWE ID for this vulnerability is CWE-287.