Description

A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystem's support for geoNear. This issue affects MongoDB Server v4.4 versions prior to 4.4.0-rc7; MongoDB Server v4.2 versions prior to 4.2.8 and MongoDB Server v4.0 versions prior to 4.0.19.

Remediation

References

CVE-2020-7923

Related Vulnerabilities

MySQL CVE-2019-2486 Vulnerability (CVE-2019-2486)

Microsoft SQL Server Other Vulnerability (CVE-2000-1085)

WordPress Plugin WordPress Download Manager Unspecified Vulnerability (2.9.96)

phpBB Improper Initialization Vulnerability (CVE-2001-1471)

WordPress Plugin Front End Upload Arbitrary File Upload (0.5.4.4)

Severity

Medium

Classification

CVE-2020-7923 CWE-755 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities