Description

The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

Remediation

References

CVE-2014-3971

Related Vulnerabilities

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-2141)

WordPress Plugin LearnPress-WordPress LMS Cross-Site Request Forgery (3.2.7.2)

WordPress Plugin Kino Gallery TimThumb Arbitrary File Upload (1.0)

WordPress Plugin Giveaway SQL Injection (1.2.2)

Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21656)

Severity

Medium

Classification

CVE-2014-3971 CWE-20

Tags

Missing Update Known Vulnerabilities