MongoDB 3.6 < 3.6.15, 4.0 < 4.0.13, 4.2 < 4.2.1 DoS Vulnerability - Windows
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
MongoDB is prone to a denial of service (DoS) vulnerability.
Insight
Insight
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations.
Affected Software
Affected Software
MongoDB versions 3.6 prior to 3.6.15, 4.0 prior to 4.0.13 and 4.2 prior to 4.2.1.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Update to version 3.6.15, 4.0.13, 4.2.1 or later.