Details
-
Bug
-
Resolution: Fixed
-
Major - P3
-
4.2.15, 4.4.8, 5.0.2
-
None
-
None
-
Fully Compatible
-
ALL
-
-
Security 2021-11-01
Description
When an unauthenticated user attempts a command that requires authentication, an authcheck record may be generated in the audit log. The record looks like this:
{ "atype" : "authCheck", "ts" : { "$date" : "2021-08-26T07:47:14.112-05:00" }, "uuid" : { "$binary" : "puZTT2N5RYWlDirvcy9Blw==", "$type" : "04" }, "local" : { "ip" : "127.0.2.1", "port" : 27017 }, "remote" : { "ip" : "127.0.0.1", "port" : 39250 }, "users" : [], "roles" : [], "param" : { "command" : "Error", "ns" : "admin" }, "result" : 13 }
|
Note the param.command field is "Error" rather than the actual command.