Vulnerabilities > Mongodb > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-06 | CVE-2017-2665 | Insufficiently Protected Credentials vulnerability in multiple products The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. | 1.9 |
2017-06-06 | CVE-2014-8180 | Improper Authentication vulnerability in Mongodb MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service. | 2.1 |