virus logo Intrusion Prevention

MongoDB.Unauthenticated.Remote.Database.Access

description-logoDescription

This indicates an attack attempt to gain Unauthorized Access to MongoDB.
The vulnerability is due to the software's insecure default configuration. As a result, a remote attacker can send a crafted query to connect, and execute arbitrary commands to a database.

affected-products-logoAffected Products

MongoDB

Impact logoImpact

System Compromise: Remote attackers can add, view, delete or modify data in an affected database.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for suggested workaround.
https://www.mongodb.com/blog/post/how-to-avoid-a-malicious-attack-that-ransoms-your-data

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://krebsonsecurity.com/2017/01/extortionists-wipe-thousands-of-databases-victims-who-pay-up-get-stiffed/
ID 43721
Created Mar 07, 2017
Updated Sep 24, 2020
Risk black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows, Linux, MacOS
Affected App Other