CVE-2020-7921

Improper serialization of internal state in the authorization subsystem in MongoDB Server's authorization subsystem permits a user with valid credentials to bypass IP whitelisting protection mechanisms following administrative action. This issue affects: MongoDB Inc. MongoDB Server 4.2 versions prior to 4.2.3; 4.0 versions prior to 4.0.15; 4.3 versions prior to 4.3.3; 3.6 versions prior to 3.6.18.

packagechannelchannel versionpkg versionstatus
mongodb-3_6
nixos-20.03
2020-05-20 17:55:36 UTC (f45ccd)3.6.13vulnerable
2020-05-19 14:50:38 UTC (82b5f8)3.6.13vulnerable
2020-05-17 11:55:29 UTC (025deb)3.6.13vulnerable
2020-05-16 23:55:09 UTC (885a66)3.6.13vulnerable
2020-05-16 07:25:23 UTC (91cdcf)3.6.13vulnerable
2020-05-15 11:50:19 UTC (a7c70f)3.6.13vulnerable
2020-05-14 20:00:24 UTC (7829e5)3.6.13vulnerable
2020-05-14 08:45:10 UTC (a4f8ce)3.6.13vulnerable
2020-05-11 13:30:37 UTC (5adf2a)3.6.13vulnerable
2020-05-10 15:55:31 UTC (14dd96)3.6.13vulnerable
2020-05-09 11:45:25 UTC (d6c1b5)3.6.13vulnerable
2020-05-09 00:15:32 UTC (695895)3.6.13vulnerable
2020-05-08 16:55:29 UTC (210d86)3.6.13vulnerable
2020-05-07 09:40:23 UTC (b0e3df)3.6.13vulnerable
2020-05-06 08:15:16 UTC (4d3731)3.6.13vulnerable
2020-04-29 06:55:09 UTC (ab3adf)3.6.13vulnerable
2020-04-29 01:15:23 UTC (365ca1)3.6.13vulnerable
2020-04-28 03:20:29 UTC (2faa76)3.6.13vulnerable
2020-04-27 09:30:14 UTC (9137f0)3.6.13vulnerable
2020-04-26 18:00:18 UTC (74a80c)3.6.13vulnerable
2020-04-26 15:30:13 UTC (4b6bfe)3.6.13vulnerable
2020-04-22 22:50:36 UTC (95b9c9)3.6.13vulnerable
2020-04-22 20:55:28 UTC (63284e)3.6.13vulnerable
2020-04-21 16:45:31 UTC (1e90c4)3.6.13vulnerable
2020-04-20 21:15:28 UTC (527232)3.6.13vulnerable
2020-04-20 11:55:37 UTC (e03eef)3.6.13vulnerable
2020-04-19 06:30:35 UTC (a17e02)3.6.13vulnerable
2020-04-17 09:15:39 UTC (0f920b)3.6.13vulnerable
2020-04-16 04:10:35 UTC (a438ae)3.6.13vulnerable
2020-04-15 21:25:43 UTC (217500)3.6.13vulnerable
2020-04-14 22:55:46 UTC (9f0f06)3.6.13vulnerable
2020-04-13 22:30:41 UTC (708cb6)3.6.13vulnerable
2020-04-07 22:30:40 UTC (29eddf)3.6.13vulnerable
2020-04-06 09:15:44 UTC (0bb351)3.6.13vulnerable
2020-04-05 22:10:20 UTC (182f22)3.6.13vulnerable
2020-04-05 18:00:44 UTC (7c9e1e)3.6.13vulnerable
2020-04-04 15:35:37 UTC (4dc844)3.6.13vulnerable
nixos-unstable
2020-05-19 15:55:23 UTC (0f5ce2)3.6.13vulnerable
2020-05-17 05:35:10 UTC (b47873)3.6.13vulnerable
2020-05-16 06:35:37 UTC (32b8ed)3.6.13vulnerable
2020-05-14 10:45:36 UTC (8ba41a)3.6.13vulnerable
2020-05-14 05:55:25 UTC (9a29fe)3.6.13vulnerable
2020-05-12 12:30:34 UTC (683c68)3.6.13vulnerable
2020-04-29 22:20:14 UTC (fce756)3.6.13vulnerable
2020-04-27 07:20:22 UTC (7c399a)3.6.13vulnerable
2020-04-21 11:50:36 UTC (22a3bf)3.6.13vulnerable
2020-04-20 18:55:24 UTC (b3c3a0)3.6.13vulnerable
2020-04-17 16:30:35 UTC (b61999)3.6.13vulnerable
2020-04-13 19:25:19 UTC (868692)3.6.13vulnerable
2020-04-13 08:25:23 UTC (81a6a8)3.6.13vulnerable
2020-04-12 06:15:29 UTC (807ca9)3.6.13vulnerable
2020-04-10 15:20:38 UTC (9b0d2f)3.6.13vulnerable
2020-04-08 01:15:40 UTC (39247f)3.6.13vulnerable
2020-03-28 20:50:45 UTC (ae6bdc)3.6.13vulnerable
2020-03-27 12:30:26 UTC (3320a0)3.6.13vulnerable
mongodb-4_0
nixos-20.03
2020-05-20 17:55:36 UTC (f45ccd)4.0.12vulnerable
2020-05-19 14:50:38 UTC (82b5f8)4.0.12vulnerable
2020-05-17 11:55:29 UTC (025deb)4.0.12vulnerable
2020-05-16 23:55:09 UTC (885a66)4.0.12vulnerable
2020-05-16 07:25:23 UTC (91cdcf)4.0.12vulnerable
2020-05-15 11:50:19 UTC (a7c70f)4.0.12vulnerable
2020-05-14 20:00:24 UTC (7829e5)4.0.12vulnerable
2020-05-14 08:45:10 UTC (a4f8ce)4.0.12vulnerable
2020-05-11 13:30:37 UTC (5adf2a)4.0.12vulnerable
2020-05-10 15:55:31 UTC (14dd96)4.0.12vulnerable
2020-05-09 11:45:25 UTC (d6c1b5)4.0.12vulnerable
2020-05-09 00:15:32 UTC (695895)4.0.12vulnerable
2020-05-08 16:55:29 UTC (210d86)4.0.12vulnerable
2020-05-07 09:40:23 UTC (b0e3df)4.0.12vulnerable
2020-05-06 08:15:16 UTC (4d3731)4.0.12vulnerable
2020-04-29 06:55:09 UTC (ab3adf)4.0.12vulnerable
2020-04-29 01:15:23 UTC (365ca1)4.0.12vulnerable
2020-04-28 03:20:29 UTC (2faa76)4.0.12vulnerable
2020-04-27 09:30:14 UTC (9137f0)4.0.12vulnerable
2020-04-26 18:00:18 UTC (74a80c)4.0.12vulnerable
2020-04-26 15:30:13 UTC (4b6bfe)4.0.12vulnerable
2020-04-22 22:50:36 UTC (95b9c9)4.0.12vulnerable
2020-04-22 20:55:28 UTC (63284e)4.0.12vulnerable
2020-04-21 16:45:31 UTC (1e90c4)4.0.12vulnerable
2020-04-20 21:15:28 UTC (527232)4.0.12vulnerable
2020-04-20 11:55:37 UTC (e03eef)4.0.12vulnerable
2020-04-19 06:30:35 UTC (a17e02)4.0.12vulnerable
2020-04-17 09:15:39 UTC (0f920b)4.0.12vulnerable
2020-04-16 04:10:35 UTC (a438ae)4.0.12vulnerable
2020-04-15 21:25:43 UTC (217500)4.0.12vulnerable
2020-04-14 22:55:46 UTC (9f0f06)4.0.12vulnerable
2020-04-13 22:30:41 UTC (708cb6)4.0.12vulnerable
2020-04-07 22:30:40 UTC (29eddf)4.0.12vulnerable
2020-04-06 09:15:44 UTC (0bb351)4.0.12vulnerable
2020-04-05 22:10:20 UTC (182f22)4.0.12vulnerable
2020-04-05 18:00:44 UTC (7c9e1e)4.0.12vulnerable
2020-04-04 15:35:37 UTC (4dc844)4.0.12vulnerable
nixos-unstable
2020-05-19 15:55:23 UTC (0f5ce2)4.0.12vulnerable
2020-05-17 05:35:10 UTC (b47873)4.0.12vulnerable
2020-05-16 06:35:37 UTC (32b8ed)4.0.12vulnerable
2020-05-14 10:45:36 UTC (8ba41a)4.0.12vulnerable
2020-05-14 05:55:25 UTC (9a29fe)4.0.12vulnerable
2020-05-12 12:30:34 UTC (683c68)4.0.12vulnerable
2020-04-29 22:20:14 UTC (fce756)4.0.12vulnerable
2020-04-27 07:20:22 UTC (7c399a)4.0.12vulnerable
2020-04-21 11:50:36 UTC (22a3bf)4.0.12vulnerable
2020-04-20 18:55:24 UTC (b3c3a0)4.0.12vulnerable
2020-04-17 16:30:35 UTC (b61999)4.0.12vulnerable
2020-04-13 19:25:19 UTC (868692)4.0.12vulnerable
2020-04-13 08:25:23 UTC (81a6a8)4.0.12vulnerable
2020-04-12 06:15:29 UTC (807ca9)4.0.12vulnerable
2020-04-10 15:20:38 UTC (9b0d2f)4.0.12vulnerable
2020-04-08 01:15:40 UTC (39247f)4.0.12vulnerable
2020-03-28 20:50:45 UTC (ae6bdc)4.0.12vulnerable
2020-03-27 12:30:26 UTC (3320a0)4.0.12vulnerable