Lucene search
Veracode Vulnerability DatabaseVERACODE:29508HistoryFeb 26, 2021 - 2:31 a.m.
Insecure Hostname Verification
2021-02-2602:31:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.0005 Low
EPSS
Percentile
17.1%
MongoDB Driver performs insecure hostname verification. The use of client-side encryption leads to an insecure host name verification in KMS server’s certificate, allowing a MITM with a privileged network position to intercept the traffic between the Java driver and the KMS service rendering.
References
Related
ubuntucve
ubuntucve
CVE-2021-20328
2021-02-25 00:00:00
osv
osv
Improper Certificate Validation in MongoDB
2022-05-24 22:28:56
CVE-2021-20328
2021-02-25 17:15:28
prion
prion
Design/Logic Flaw
2021-02-25 17:15:00
github
github
Improper Certificate Validation in MongoDB
2022-05-24 22:28:56
cvelist
cvelist
cve
cve
CVE-2021-20328
2021-02-25 17:15:28
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by a mongodb-driver-legacy-4.1.1.jar vulnerability (CVE-2021-20328)
2022-06-20 20:41:12
Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image
2024-04-17 06:43:13
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-04-24 19:15:42
nvd
nvd
CVE-2021-20328
2021-02-25 17:15:28
redhat
redhat
redhatcve
redhatcve
CVE-2021-20328
2021-03-02 19:03:12
mongodb
mongodb
debiancve
debiancve
CVE-2021-20328
2021-02-25 17:15:28