漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
MongoDB Server may allow queries to be terminated by unauthorized users
Vulnerability Description
A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions prior to 7.0.26 and MongoDB Server v8.0 versions prior to 8.0.14
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
授权机制缺失
Vulnerability Title
MongoDB Server 安全漏洞
Vulnerability Description
MongoDB Server是美国MongoDB公司的一套开源的NoSQL数据库。该数据库提供面向集合的存储、动态查询、数据复制及自动故障转移等功能。 MongoDB Server v7.0版本至7.0.26之前版本和8.0版本至8.0.14之前版本存在安全漏洞,该漏洞源于权限有限的集群用户可以终止其他用户执行的查询,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A