
CVE-2023-1409 – Certificate validation issue in MongoDB Server running on Windows or macOS
https://notcve.org/view.php?id=CVE-2023-1409
23 Aug 2023 — If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely on other platforms (e.g. Linux), it is possible that client certificate validation may not be in effect, potentially allowing a client to establish a TLS connection with the server while supplying any certificate. This issue affects all MongoDB Server v6.3 versions, MongoDB Server v5.0 versions v5.0.0 to v5.0.14 and all MongoDB Server v4.4 versions. • https://jira.mongodb.org/browse/SERVER-73662 • CWE-295: Improper Certificate Validation •

CVE-2023-4009 – Privilege Escalation for Project Owner and Project User Admin Roles in Ops Manager
https://notcve.org/view.php?id=CVE-2023-4009
08 Aug 2023 — In MongoDB Ops Manager v5.0 prior to 5.0.22 and v6.0 prior to 6.0.17 it is possible for an authenticated user with project owner or project user admin access to generate an API key with the privileges of org owner resulting in privilege escalation. • https://security.netapp.com/advisory/ntap-20230831-0013 • CWE-269: Improper Privilege Management CWE-648: Incorrect Use of Privileged APIs •

CVE-2023-0342 – MongoDB Ops Manager may disclose sensitive information in Diagnostic Archive
https://notcve.org/view.php?id=CVE-2023-0342
09 Jun 2023 — MongoDB Ops Manager Diagnostics Archive may not redact sensitive PEM key file password app settings. Archives do not include the PEM files themselves. This issue affects MongoDB Ops Manager v5.0 prior to 5.0.21 and MongoDB Ops Manager v6.0 prior to 6.0.12. • https://packetstorm.news/files/id/180702 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVE-2022-48282 – Deserializing compromised object with MongoDB .NET/C# Driver may cause remote code execution
https://notcve.org/view.php?id=CVE-2022-48282
21 Feb 2023 — Under very specific circumstances (see Required configuration section below), a privileged user is able to cause arbitrary code to be executed, which may cause further disruption to services. This is specific to applications written in C#. This affects all MongoDB .NET/C# Driver versions prior to and including v2.18.0. The following configuration must be true for the vulnerability to be applicable: * Application must be written in C#, taking arbitrary data from users and serializing data using _t without any validati... • https://github.com/mongodb/mongo-csharp-driver/releases/tag/v2.19.0 • CWE-502: Deserialization of Untrusted Data •

CVE-2021-32040 – Large aggregation pipelines with a specific stage can crash mongod under default configuration
https://notcve.org/view.php?id=CVE-2021-32040
12 Apr 2022 — It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If an attacker could cause such an aggregation to occur, they could maliciously crash MongoDB in a DoS attack. This vulnerability affects MongoDB Server v4.4 versions prior to and including 4.4.28, MongoDB Server v5.0 versions prior to 5.0.4 and MongoDB Server v4.2 versions prior to 4.2.16. Workaround: >= v4.2.16 us... • https://jira.mongodb.org/browse/SERVER-58203 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVE-2022-24272 – MongoDB Server (mongod) may crash in response to unexpected requests
https://notcve.org/view.php?id=CVE-2022-24272
14 Feb 2022 — An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6. • https://packetstorm.news/files/id/165969 • CWE-617: Reachable Assertion •

CVE-2021-32036 – Denial of Service and Data Integrity vulnerability in features command
https://notcve.org/view.php?id=CVE-2021-32036
04 Feb 2022 — An authenticated user without any specific authorizations may be able to repeatedly invoke the features command, which at a high volume may lead to resource depletion or generate high lock contention. This may result in denial of service and in rare cases could result in id field collisions. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.3; MongoDB Server v4.4 versions prior to and including 4.4.9; MongoDB Server v4.2 versions prior to and including 4.2.16 and MongoDB Server v4.0 ... • https://jira.mongodb.org/browse/SERVER-59294 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2021-32039 – MongoDB Extension for VS Code may unexpectedly store credentials locally in clear text
https://notcve.org/view.php?id=CVE-2021-32039
20 Jan 2022 — Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials may be used by malicious attackers to perform unauthorized actions. This vulnerability affects all MongoDB Extension for VS Code versions including and prior to version 0.7.0. • https://github.com/mongodb-js/vscode/releases/tag/v0.8.0 • CWE-522: Insufficiently Protected Credentials •

CVE-2021-20330 – Specific replication command with malformed oplog entries can crash secondaries
https://notcve.org/view.php?id=CVE-2021-20330
15 Dec 2021 — An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. This issue affects MongoDB Server v4.0 versions prior to 4.0.27; MongoDB Server v4.2 versions prior to 4.2.16; MongoDB Server v4.4 versions prior to 4.4.9. • https://jira.mongodb.org/browse/SERVER-36263 • CWE-20: Improper Input Validation •

CVE-2021-32037 – User may trigger invariant when allowed to send commands directly to shards
https://notcve.org/view.php?id=CVE-2021-32037
24 Nov 2021 — An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. Usually, the requests are sent via mongos and special privileges are required in order to know the address of the shards and to log in to the shards of an auth enabled environment. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.2. • https://jira.mongodb.org/browse/SERVER-59071 • CWE-617: Reachable Assertion •