Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv3

CVE-2017-18381

Published: 30/07/2019 Updated: 07/11/2023
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Edx-platform

Vulnerability Summary

The installation process in Open edX prior to 2017-01-10 exposes a MongoDB instance to external connections with default credentials.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

edx edx-platform

Github Repositories

https://github.com/0x1mahmoud/FeedNext-2Vulns

I Found 2 Critical Vulnerabilities On FeedNext Open Source

FeedNext-2Vulns I Found 2 Critical Vulnerabilities On FeedNext Open Source The First one is CVE-2017-18381: Description: The installation process in Open edX before 2017-01-10 exposes a MongoDB instance to external connections with default credentials The vulnerable section in the picture below - it's because MongoDB old version Severity = Critical The Second One

References

NVD-CWE-noinfohttps://groups.google.com/forum/#%21topic/openedx-announce/mpyyx34LWSYhttps://groups.google.com/forum/#%21topic/openedx-announce/jRXyo1HJzNkhttps://nvd.nist.govhttps://github.com/0x1mahmoud/FeedNext-2Vulns
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook