CVE-2017-18381

CVE-2017-18381

EPSS 1.2%

The installation process in Open edX before 2017-01-10 exposes a MongoDB instance to external connections with default credentials.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://groups.google.com/forum/#%21topic/openedx-announce/jRXyo1HJzNk https://groups.google.com/forum/#%21topic/openedx-announce/mpyyx34LWSY