6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.014 Low
EPSS
Percentile
84.5%
MongoDB is a NoSQL database.
A buffer over-read flaw was found in the way MongoDB handled BSON data.
A database user permitted to insert BSON data into a MongoDB server could
use this flaw to read server memory, potentially disclosing sensitive data.
(CVE-2012-6619)
All mongodb users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | mongodb | < 2.2.4-4.el6ost | mongodb-2.2.4-4.el6ost.x86_64.rpm |
RedHat | 6 | x86_64 | mongodb-debuginfo | < 2.2.4-4.el6ost | mongodb-debuginfo-2.2.4-4.el6ost.x86_64.rpm |
RedHat | 6 | src | mongodb | < 2.2.4-4.el6ost | mongodb-2.2.4-4.el6ost.src.rpm |
RedHat | 6 | x86_64 | libmongodb | < 2.2.4-4.el6ost | libmongodb-2.2.4-4.el6ost.x86_64.rpm |
RedHat | 6 | x86_64 | mongodb-server | < 2.2.4-4.el6ost | mongodb-server-2.2.4-4.el6ost.x86_64.rpm |