CVE-2020-7923
Description
A user authorized to perform database queries may cause denial of service by issuing specially crafted queries, which violate an invariant in the query subsystems support for geoNear. This issue affects MongoDB Server v4.4 versions prior to 4.4.0-rc7; MongoDB Server v4.2 versions prior to 4.2.8 and MongoDB Server v4.0 versions prior to 4.0.19.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.441
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2020-7923,CVE-2020-7928 are affected in MongoDB 4.5.0 | Windows |
| Vulnerability CVE-2020-7923,CVE-2020-7928 are affected in MongoDB 4.5.0 (For Linux) | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234