Lucene search

CVE-2018-20802

🗓️ 23 Nov 2020 16:12:15Reported by [email protected]Type

A user with database query authorization can trigger denial of service by using specially crafted queries in MongoDB Server v3.6 and v4.

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 11
OSV	UBUNTU-CVE-2018-20802	23 Nov 202016:15	–	osv
OSV	CVE-2018-20802	23 Nov 202016:15	–	osv
MongoDB	Post-auth queries on compound index may crash mongod	30 Nov 202000:00	–	mongodb
Debian CVE	CVE-2018-20802	23 Nov 202016:15	–	debiancve
CVE	CVE-2018-20802	23 Nov 202016:15	–	cve
OpenVAS	MongoDB 3.6 < 3.6.9, 4.0 < 4.0.3 DoS Vulnerability - Windows	2 Dec 202000:00	–	openvas
OpenVAS	MongoDB 3.6 < 3.6.9, 4.0 < 4.0.3 DoS Vulnerability - Linux	2 Dec 202000:00	–	openvas
Prion	Design/Logic Flaw	23 Nov 202016:15	–	prion
RedhatCVE	CVE-2018-20802	23 Nov 202020:51	–	redhatcve
Cvelist	CVE-2018-20802 Post-auth queries on compound index may crash mongod	23 Nov 202015:15	–	cvelist

Nvd

Node

mongodb mongodbRange3.6.0–3.6.9

mongodb mongodbRange4.0.0–4.0.3

Source	Link
jira	www.jira.mongodb.org/browse/SERVER-36993

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Nov 2020 16:15Current

6.3Medium risk

Vulners AI Score6.3

CVSS24

CVSS36.5

EPSS0.00426

CWE-394