Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.3 views

SUSE CVE-2019-2389

Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects MongoDB Server v4.0 versions prior to 4.0.11;...

5.3CVSS5.1AI score0.00305EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/12 8:16 p.m.27 views

Security Bulletin: Vulnerability in MongoDB affects IBM Spectrum Protect Plus (CVE-2019-2389)

Summary A denial of service vulnerability in MongoDB affects IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-2389 DESCRIPTION: MongoDB Server is vulnerable to a denial of service, caused by a flaw in the SysV init scripts. By inserting a specially-crafted PID file, a remote...

5.3CVSS1.9AI score0.00305EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2019/09/03 12:0 a.m.106 views

MongoDB 3.4 < 3.4.22, 3.6 < 3.6.14, 4.0 < 4.0.11, 4.1 < 4.1.14 DoS Vulnerability - Linux

MongoDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...

5.3CVSS4.6AI score0.00305EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/08/30 3:15 p.m.33 views

CVE-2019-2389

Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects MongoDB Server v4.0 versions prior to 4.0.11;...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/08/30 2:41 p.m.26 views

CVE-2019-2389 Process termination via PID file manipulation

Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects MongoDB Server v4.0 versions prior to 4.0.11;...

5.3CVSS4.8AI score0.00305EPSS
Exploits0References1
CVE
CVE
added 2019/08/30 2:41 p.m.126 views

CVE-2019-2389

CVE-2019-2389 affects MongoDB Server via incorrect scoping of kill operations in packaged SysV init scripts. The flaw lets users with write access to the PID file influence kills when the root user stops MongoDB, enabling denial-of-service conditions. Affected are MongoDB Server v4.0 prior to 4.0...

5.3CVSS4.6AI score0.00305EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder