// For flags

CVE-2019-2389

Process termination via PID file manipulation

Severity Score

4.2
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects MongoDB Server v4.0 versions prior to 4.0.11; MongoDB Server v3.6 versions prior to 3.6.14; MongoDB Server v3.4 versions prior to 3.4.22.

El alcance incorrecto de las operaciones de eliminación en los scripts de inicio SysV empaquetados del servidor MongoDB permite a los usuarios con acceso de escritura al archivo PID insertar PID arbitrarios que se eliminarán cuando el usuario raíz detenga el proceso de MongoDB a través de SysV init. Este problema afecta a: MongoDB Inc. MongoDB Server v4.0 versiones anteriores a 4.0.11; v3.6 versiones anteriores a 3.6.14; v3.4 versiones anteriores a 3.4.22.

*Credits: Sicheng Liu of Beijing DBSEC Technology Co., Ltd
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-12-10 CVE Reserved
  • 2019-08-30 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
  • CWE-732: Incorrect Permission Assignment for Critical Resource
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
https://jira.mongodb.org/browse/SERVER-40563 2024-01-23
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mongodb
Search vendor "Mongodb"
 Mongodb
Search vendor "Mongodb" for product "Mongodb"
 >= 3.4.0 < 3.4.22
Search vendor "Mongodb" for product "Mongodb" and version " >= 3.4.0 < 3.4.22"
-
Affected
Mongodb
Search vendor "Mongodb"
 Mongodb
Search vendor "Mongodb" for product "Mongodb"
 >= 3.6.0 < 3.6.14
Search vendor "Mongodb" for product "Mongodb" and version " >= 3.6.0 < 3.6.14"
-
Affected
Mongodb
Search vendor "Mongodb"
 Mongodb
Search vendor "Mongodb" for product "Mongodb"
 >= 4.0.0 < 4.0.11
Search vendor "Mongodb" for product "Mongodb" and version " >= 4.0.0 < 4.0.11"
-
Affected