Summary
The host is installed with MongoDB
and is prone to remote denial of service vulnerability.
Impact
Successful exploitation will allow remote
attackers to cause a denial of service (application crash).
Impact Level: Application
Solution
Upgrade to MongoDB version 2.6.2 or later,
For updates refer to http://www.mongodb.org
Insight
Flaw is due to improper handling of
X.509 Certificate.
Affected
MongoDB version 2.6.x before 2.6.2
Detection
Get the installed version with the help of
detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-3971 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- MariaDB 'COM_CHANGE_USER' Command Insecure Salt Generation Security Bypass Vulnerability
- Oracle MySQL Server Component 'Optimizer' Unspecified vulnerability Oct-2013 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 05 Jan14 (Windows)
- IBM DB2 Multiple Security Bypass Vulnerabilities
- IBM DB2 Client Interfaces component Unspecified Vulnerabilities (Linux)