Unrated severityNVD Advisory· Published Nov 9, 2020· Updated Aug 4, 2024
CVE-2020-26542
CVE-2020-26542
Description
An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory, Percona has discovered a flaw that would allow authentication to complete when passing a blank value for the account password, leading to access against the service integrated with which Active Directory is deployed at the level granted to the authenticating account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
22- osv-coords21 versionspkg:apk/chainguard/percona-server-8.0pkg:apk/chainguard/percona-server-8.3pkg:apk/chainguard/percona-server-8.3-devpkg:apk/chainguard/percona-server-8.3-oci-entrypointpkg:apk/chainguard/percona-server-8.3-oci-entrypoint-compatpkg:apk/chainguard/percona-server-8.4pkg:apk/chainguard/percona-server-9.0pkg:apk/chainguard/percona-server-9.1pkg:apk/chainguard/percona-server-9.4pkg:apk/chainguard/percona-server-9.5pkg:apk/chainguard/percona-server-9.6pkg:apk/wolfi/percona-server-8.3pkg:apk/wolfi/percona-server-8.3-devpkg:apk/wolfi/percona-server-8.3-oci-entrypointpkg:apk/wolfi/percona-server-8.3-oci-entrypoint-compatpkg:apk/wolfi/percona-server-8.4pkg:apk/wolfi/percona-server-9.0pkg:apk/wolfi/percona-server-9.1pkg:apk/wolfi/percona-server-9.4pkg:apk/wolfi/percona-server-9.5pkg:apk/wolfi/percona-server-9.6
< 0+ 20 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
Patches
Vulnerability mechanics
References
4- jira.percona.com/browse/PS-7358mitrex_refsource_MISC
- jira.percona.com/browse/PSMDB-726mitrex_refsource_MISC
- www.percona.com/blog/2020/10/13/percona-distribution-for-mysql-pxc-variant-8-0-20-fixes-for-security-vulnerability-release-roundup-october-13-2020/mitrex_refsource_CONFIRM
- www.percona.com/doc/percona-distribution-mysql/8.0/release-notes-pxc-v8.0.20.upd2.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.