CVE-2014-3971

Published: Dec 25, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/mongodb/mongo/commit/c151e0660b9736fe66b224f1129a16871165251b

x_refsource_CONFIRM

https://jira.mongodb.org/browse/SERVER-13753

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-3971

Description

Affected Products

References