SecuritySpace - CVE-2019-2389

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2019-2389

Description: Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects MongoDB Server v4.0 versions prior to 4.0.11; MongoDB Server v3.6 versions prior to 3.6.14; MongoDB Server v3.4 versions prior to 3.4.22.

Test IDs: 1.3.6.1.4.1.25623.1.0.142841

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-2389
https://jira.mongodb.org/browse/SERVER-40563
https://jira.mongodb.org/browse/SERVER-40563

CVE ID:	CVE-2019-2389
Description:	Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects MongoDB Server v4.0 versions prior to 4.0.11; MongoDB Server v3.6 versions prior to 3.6.14; MongoDB Server v3.4 versions prior to 3.4.22.
Test IDs:	1.3.6.1.4.1.25623.1.0.142841
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2019-2389 https://jira.mongodb.org/browse/SERVER-40563 https://jira.mongodb.org/browse/SERVER-40563