5
CVSSv2

CVE-2014-3971

Published: 25/12/2014 Updated: 29/12/2014
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x prior to 2.6.2 allows remote malicious users to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

mongodb mongodb 2.6.0

mongodb mongodb 2.6.1

Github Repositories

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/

A powerful MongoDB auditing and pentesting tool

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/