MongoDB Server May Experience Unexpected Behavior Due to Incorrect Memory Access
CVE-2024-8654

5MEDIUM

Key Information:

Vendor: MongoDB
Status: Mongodb Server
Vendor: CVE Published:; 10 September 2024

Summary

MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This issue affected MongoDB Server v6.0 version 6.0.3.

Affected Version(s)

MongoDB Server 6.0.3

References

https://jira.mongodb.org/browse/SERVER-71477

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 10, 2024
Vulnerability Reserved
Sep 10, 2024