5 matches found
BIT-MONGODB-2021-20330 Specific replication command with malformed oplog entries can crash secondaries
An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. This issue affects MongoDB Server v4.0 versions prior to 4.0.27; MongoDB Server v4.2 versions prior to...
CVE-2021-20330
A denial of service attack was found in MongoDB. An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries...
MongoDB Server Denial of Service Vulnerability (CNVD-2021-101988)
Mongodb Server is an open source NoSQL database from Mongodb, Inc. The database provides collection-oriented storage, dynamic query, data replication and automatic failover, etc. A denial-of-service vulnerability exists in MongoDB Server, which can be exploited by an attacker with basic CRUD...
Design/Logic Flaw
An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. This issue affects MongoDB Server v4.0 versions prior to 4.0.27; MongoDB Server v4.2 versions prior to...
CVE-2021-20330
Removed by vendor...