MongoDb Incorrect Authorization Vulnerability - CVE-2020-7921 - Vulnerability Database

MongoDb Incorrect Authorization Vulnerability - CVE-2020-7921

Medium

Reference: CVE-2020-7921

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-7921

Title: MongoDb Incorrect Authorization Vulnerability

Overview:

Improper serialization of internal state in the authorization subsystem in MongoDB Server39s authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechanisms following administrative action. This issue affects MongoDB Server v4.2 versions prior to 4.2.3 MongoDB Server v4.0 versions prior to 4.0.15 MongoDB Server v4.3 versions prior to 4.3.3and MongoDB Server v3.6 versions prior to 3.6.18.