Description

The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

Remediation

References

CVE-2014-3971

Related Vulnerabilities

WordPress Plugin KN Fix Your Title Cross-Site Scripting (1.0.1)

WordPress Plugin WP Silverlight Media Player Cross-Site Scripting (0.8)

Apache Tomcat Configuration Vulnerability (CVE-2010-4312)

WordPress Plugin WP DS FAQ 'ajax.php' SQL Injection (1.3.2)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43708)

Severity

Medium

Classification

CVE-2014-3971 CWE-20

Tags

Missing Update Known Vulnerabilities