Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-20330

Опубликовано: 15 дек. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4
CVSS3: 6.5

Описание

An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. This issue affects MongoDB Server v4.0 versions prior to 4.0.27; MongoDB Server v4.2 versions prior to 4.2.16; MongoDB Server v4.4 versions prior to 4.4.9.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

needs-triage

focal

ignored

end of standard support, was needs-triage
trusty

ignored

end of standard support
trusty/esm

ignored

end of ESM support, was needs-triage
upstream

needs-triage

xenial

ignored

end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 59%
0.00378
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-20330

CVSS3: 6.5
redhat
около 4 лет назад

An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. This issue affects MongoDB Server v4.0 versions prior to 4.0.27; MongoDB Server v4.2 versions prior to 4.2.16; MongoDB Server v4.4 versions prior to 4.4.9.

nvd логотип

CVE-2021-20330

CVSS3: 6.5
nvd
около 4 лет назад

An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. This issue affects MongoDB Server v4.0 versions prior to 4.0.27; MongoDB Server v4.2 versions prior to 4.2.16; MongoDB Server v4.4 versions prior to 4.4.9.

debian логотип

CVE-2021-20330

CVSS3: 6.5
debian
около 4 лет назад

An attacker with basic CRUD permissions on a replicated collection can ...

github логотип

GHSA-8jvf-jqg4-r6h2

CVSS3: 6.5
github
около 4 лет назад

An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. This issue affects MongoDB Server v4.0 versions prior to 4.0.25; MongoDB Server v4.2 versions prior to 4.2.14; MongoDB Server v4.4 versions prior to 4.4.6.

EPSS

Процентиль: 59%
0.00378
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3