admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-83xx/CVE-2024-8305.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

126 lines
4.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-8305",
"sourceIdentifier": "cna@mongodb.com",
"published": "2024-10-21T15:15:04.030",
"lastModified": "2024-11-07T15:38:32.323",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no primaries. This issue affects MongoDB Server v6.0 versions prior to 6.0.17, MongoDB Server v7.0 versions prior to 7.0.13 and MongoDB Server v7.3 versions prior to 7.3.4"
},
{
"lang": "es",
"value": "El \u00edndice prepareUnique puede provocar que los secundarios se bloqueen debido a la aplicaci\u00f3n incorrecta de restricciones de \u00edndice en los secundarios, lo que en casos extremos puede provocar que varios secundarios se bloqueen y no haya primarios. Este problema afecta a las versiones de MongoDB Server v6.0 anteriores a la 6.0.17, a las versiones de MongoDB Server v7.0 anteriores a la 7.0.13 y a las versiones de MongoDB Server v7.3 anteriores a la 7.3.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@mongodb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cna@mongodb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1288"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.0.17",
"matchCriteriaId": "570BED76-46EA-45C0-8031-6E78DF9EC047"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.13",
"matchCriteriaId": "5AAB2B33-6144-4453-85DC-8705E6385F90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*",
"versionStartIncluding": "7.3.0",
"versionEndExcluding": "7.3.4",
"matchCriteriaId": "72C3D6A6-E626-40F5-BB24-F9CC021D9598"
}
]
}
]
}
],
"references": [
{
"url": "https://jira.mongodb.org/browse/SERVER-92382",
"source": "cna@mongodb.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink