Vulnerability CVE-2020-7925
Published: 2020-11-23

Description:
Incorrect validation of user input in the role name parser may lead to use of uninitialized memory allowing an unauthenticated attacker to use a specially crafted request to cause a denial of service. This issue affects: MongoDB Inc. MongoDB Server v4.4 versions prior to 4.4.0-rc12; v4.2 versions prior to 4.2.9.

 References:
https://jira.mongodb.org/browse/SERVER-49142
Copyright 2024, cxsecurity.com

 

Back to Top