Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2022-24272

Disclosure Date: April 21, 2022
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash. This issue affects: MongoDB Inc. MongoDB Server v5.0 versions, prior to and including v5.0.6.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Vendors

  • MongoDB Inc.

Products

  • MongoDB Server

Additional Info

Technical Analysis