Details
-
Bug
-
Resolution: Duplicate
-
Major - P3
-
None
-
4.4.1
-
None
-
ALL
-
Description
MongoDB server version: 4.4.1
CentOS Linux release 7.6.1810 (Core)
MongoDB audit filter is able to audit the createCollection and dropCollection actions.
But with method db.dropDatabase, the attacker could bypass the audit filter by removing the current database.
Attachments
Issue Links
- duplicates
-
SERVER-50994 Audit of dropCollection during dropDatabase
-
- Closed
-