Lucene search
GoogleOSV:CVE-2021-32037HistoryNov 24, 2021 - 4:15 p.m.
CVE-2021-32037
2021-11-2416:15:13
Google
osv.dev
6
An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. Usually, the requests are sent via mongos and special privileges are required in order to know the address of the shards and to log in to the shards of an auth enabled environment. This issue affects MongoDB Server v5.0 versions prior to and including 5.0.2.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mongo | eq | r5.0.0 | |
| mongo | eq | r5.0.2 | |
| mongo | eq | r5.0.2-rc0 | |
| mongo | eq | r5.0.1 | |
| mongo | eq | r5.0.1-rc0 |
References
Related
redhatcve
redhatcve
CVE-2021-32037
2021-11-24 22:18:46
openvas
openvas
MongoDB DoS Vulnerability (SERVER-59071) - Windows
2022-02-07 00:00:00
MongoDB DoS Vulnerability (SERVER-59071) - Linux
2022-02-07 00:00:00
prion
prion
Design/Logic Flaw
2021-11-24 16:15:00
mongodb
mongodb
User may trigger invariant when allowed to send commands directly to shards
2021-11-24 14:09:00
nvd
nvd
CVE-2021-32037
2021-11-24 16:15:13
ubuntucve
ubuntucve
CVE-2021-32037
2021-11-24 00:00:00
cve
cve
CVE-2021-32037
2021-11-24 16:15:13
debiancve
debiancve
CVE-2021-32037
2021-11-24 16:15:00
osv
osv
BIT-mongodb-2021-32037
2024-03-06 10:57:31
cvelist
cvelist