CVE-2020-7921

Priority
Description
Improper serialization of internal state in the authorization subsystem in
MongoDB Server's authorization subsystem permits a user with valid
credentials to bypass IP whitelisting protection mechanisms following
administrative action. This issue affects: MongoDB Inc. MongoDB Server 4.2
versions prior to 4.2.3; 4.0 versions prior to 4.0.15; 4.3 versions prior
to 4.3.3; 3.6 versions prior to 3.6.18.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 20.04 LTS (Focal Fossa):needs-triage
Ubuntu 20.10 (Groovy Gorilla):needs-triage
More Information

Updated: 2020-07-28 19:06:02 UTC (commit 7b6828437fde0509248708fcdb5b0f7587b85bd1)