CVE-2024-8013

CSFLE and Queryable Encryption self-lookup may fail to encrypt values in subpipelines

Severity Score

2.2

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no documents would be returned or written. This issue affects mongocryptd binary (v5.0 versions prior to 5.0.29, v6.0 versions prior to 6.0.17, v7.0 versions prior to 7.0.12 and v7.3 versions prior to 7.3.4) and mongo_crypt_v1.so shared libraries (v6.0 versions prior to 6.0.17, v7.0 versions prior to 7.0.12 and v7.3 versions prior to 7.3.4) released alongside MongoDB Enterprise Server versions.

*Credits: N/A

CVSS Scores

MongoDB, Inc.v3.1 2.2

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-08-20 CVE Reserved
2024-10-28 CVE Published
2024-10-28 CVE Updated
2024-10-29 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-319: Cleartext Transmission of Sensitive Information

CAPEC

References (1)

URL	Tag	Source
https://jira.mongodb.org/browse/SERVER-96254

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
MongoDB Inc Search vendor "MongoDB Inc"		Mongocryptd Search vendor "MongoDB Inc" for product "Mongocryptd"				>= 5.0.0 < 5.0.29 Search vendor "MongoDB Inc" for product "Mongocryptd" and version " >= 5.0.0 < 5.0.29"		en		Affected
MongoDB Inc Search vendor "MongoDB Inc"		Mongocryptd Search vendor "MongoDB Inc" for product "Mongocryptd"				>= 6.0.0 < 6.0.17 Search vendor "MongoDB Inc" for product "Mongocryptd" and version " >= 6.0.0 < 6.0.17"		en		Affected
MongoDB Inc Search vendor "MongoDB Inc"		Mongocryptd Search vendor "MongoDB Inc" for product "Mongocryptd"				>= 7.0 < 7.012 Search vendor "MongoDB Inc" for product "Mongocryptd" and version " >= 7.0 < 7.012"		en		Affected
MongoDB Inc Search vendor "MongoDB Inc"		Mongocryptd Search vendor "MongoDB Inc" for product "Mongocryptd"				>= 7.3.0 < 7.3.4 Search vendor "MongoDB Inc" for product "Mongocryptd" and version " >= 7.3.0 < 7.3.4"		en		Affected
MongoDB Inc Search vendor "MongoDB Inc"		Mongo Crypt V1.so Search vendor "MongoDB Inc" for product "Mongo Crypt V1.so"				>= 6.0.0 < 6.0.17 Search vendor "MongoDB Inc" for product "Mongo Crypt V1.so" and version " >= 6.0.0 < 6.0.17"		en		Affected
MongoDB Inc Search vendor "MongoDB Inc"		Mongo Crypt V1.so Search vendor "MongoDB Inc" for product "Mongo Crypt V1.so"				>= 7.0.0 < 7.0.12 Search vendor "MongoDB Inc" for product "Mongo Crypt V1.so" and version " >= 7.0.0 < 7.0.12"		en		Affected
MongoDB Inc Search vendor "MongoDB Inc"		Mongo Crypt V1.so Search vendor "MongoDB Inc" for product "Mongo Crypt V1.so"				>= 7.3.0 < 7.3.4 Search vendor "MongoDB Inc" for product "Mongo Crypt V1.so" and version " >= 7.3.0 < 7.3.4"		en		Affected