) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
This is not the latest report. Click
here to view the latest report.
CVSS v3.1 Statistics for MongoDB, Inc. as of 08/26/2020
5
40
5
31
Reference
0-69.9%
|
|
Reference |
77.5
Contributor
70-94.9%
Provider
95-100%
| CVE | CNA Value | Alignment | NIST Value | Reason |
|---|---|---|---|---|
| CVE-2019-2388 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) None | Privileges Required (PR) None | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Changed | ≠ | Scope (S) Unchanged | Unclear if Scope change occurs. No identification of security boundaries being crossed. | |
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) None | Availability (A) None | |||
| CVE-2019-2391 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | Assessment performed prior to CVMAP efforts | |
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) Low | Confidentiality (C) Low | |||
| Integrity (I) Low | Integrity (I) Low | |||
| Availability (A) None | Availability (A) None | |||
| CVE-2020-7921 (4 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | ≠ | Attack Complexity (AC) High | Implementation specific secrets must be overcome | |
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) Required | ≠ | User Interaction (UI) None | Assessment performed prior to CVMAP efforts | |
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) Low | ≠ | Confidentiality (C) None | Assessment performed prior to CVMAP efforts | |
| Integrity (I) Low | ≠ | Integrity (I) High | Assessment performed prior to CVMAP efforts | |
| Availability (A) None | Availability (A) None | |||
| CVE-2020-7922 (5 of 8) | Attack Vector (AV) Adjacent Network | ≠ | Attack Vector (AV) Network | Assessment performed prior to CVMAP efforts |
| Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | Assessment performed prior to CVMAP efforts | |
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) High | Confidentiality (C) High | |||
| Integrity (I) High | ≠ | Integrity (I) None | Assessment performed prior to CVMAP efforts | |
| Availability (A) None | Availability (A) None | |||
| CVE-2020-7923 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
| Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
| Privileges Required (PR) Low | Privileges Required (PR) Low | |||
| User Interaction (UI) None | User Interaction (UI) None | |||
| Scope (S) Unchanged | Scope (S) Unchanged | |||
| Confidentiality (C) None | Confidentiality (C) None | |||
| Integrity (I) None | Integrity (I) None | |||
| Availability (A) High | Availability (A) High |