Vulnerability CVE-2022-24272


Published: 2022-04-21

Description:
An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6.

See advisories in our WLB2 database:
Topic
Author
Date
Low
WordPress International SMS For Contact Form 7 Integration 1.2 CSRF
Milad Karimi
15.02.2022

Type:

CWE-352

(Cross-Site Request Forgery (CSRF))

 References:
https://jira.mongodb.org/browse/SERVER-63968

Copyright 2024, cxsecurity.com

 

Back to Top