MongoDB 6.0.3

CPE Details

MongoDB 6.0.3
mongodb
mongodb
6.0.3
2024-08-19
10h27 +00:00
2024-08-19
10h27 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:mongodb:mongodb:6.0.3:*:*:*:-:*:*:*

Informations

Vendor

mongodb

Product

mongodb

Version

6.0.3

Software Edition

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-8305 2024-10-21 14h10 +00:00 prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no primaries. This issue affects MongoDB Server v6.0 versions prior to 6.0.17, MongoDB Server v7.0 versions prior to 7.0.13 and MongoDB Server v7.3 versions prior to 7.3.4
6.5
Medium
CVE-2024-1351 2024-03-07 16h10 +00:00 Under certain configurations of --tlsCAFile and tls.CAFile, MongoDB Server may skip peer certificate validation which may result in untrusted connections to succeed. This may effectively reduce the security guarantees provided by TLS and open connections that should have been closed due to failing certificate validation. This issue affects MongoDB Server v7.0 versions prior to and including 7.0.5, MongoDB Server v6.0 versions prior to and including 6.0.13, MongoDB Server v5.0 versions prior to and including 5.0.24 and MongoDB Server v4.4 versions prior to and including 4.4.28. Required Configuration : A server process will allow incoming connections to skip peer certificate validation if the server process was started with TLS enabled (net.tls.mode set to allowTLS, preferTLS, or requireTLS) and without a net.tls.CAFile configured.
9.8
Critical
CVE-2014-8180 2017-06-06 16h00 +00:00 MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.
5.5
Medium