Percona Server 2020-10-02 for MongoDB

CPE Details

Percona Server 2020-10-02 for MongoDB
percona
percona_server
2020-10-02
2020-12-04
17h05 +00:00
2020-12-04
17h05 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:percona:percona_server:2020-10-02:*:*:*:*:mongodb:*:*

Informations

Vendor

percona

Product

percona_server

Version

2020-10-02

Target Software

mongodb

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-27928 2021-03-19 01h46 +00:00 A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.
7.2
High
CVE-2020-26542 2020-11-09 18h07 +00:00 An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory, Percona has discovered a flaw that would allow authentication to complete when passing a blank value for the account password, leading to access against the service integrated with which Active Directory is deployed at the level granted to the authenticating account.
9.8
Critical