Back to search
CVE-2017-15535
Published: Nov 1, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
101689
vdb-entry
x_refsource_BID
https://jira.mongodb.org/browse/SERVER-31273
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now