Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MongoDb Vulnerability - CVE-2019-2390 - Vulnerability Database
MongoDb

MongoDb Vulnerability - CVE-2019-2390

High
Reference: CVE-2019-2390
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-2390
Title: MongoDb Vulnerability
Overview:

An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server to run attacker defined code as the user running the utility. This issue MongoDB Server v4.0 versions prior to 4.0.11 MongoDB Server v3.6 versions prior to 3.6.14 and MongoDB Server v3.4 prior to 3.4.22.