Lucene search

K
osvGoogleOSV:UBUNTU-CVE-2024-8654
HistorySep 10, 2024 - 2:15 p.m.

UBUNTU-CVE-2024-8654

2024-09-1014:15:00
Google
osv.dev
4
ubuntu
cve-2024-8654
mongodb

CVSS3

5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

AI Score

6.7

Confidence

Low

MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This issue affected MongoDB Server v6.0 version 6.0.3.

CVSS3

5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

AI Score

6.7

Confidence

Low

Related for OSV:UBUNTU-CVE-2024-8654