SecuritySpace - CVE-2021-20330

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2021-20330

Description: An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. This issue affects MongoDB Server v4.0 versions prior to 4.0.27; MongoDB Server v4.2 versions prior to 4.2.16; MongoDB Server v4.4 versions prior to 4.4.9.

Test IDs: 1.3.6.1.4.1.25623.1.0.147347 1.3.6.1.4.1.25623.1.0.147346

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-20330
https://jira.mongodb.org/browse/SERVER-36263
https://jira.mongodb.org/browse/SERVER-36263

CVE ID:	CVE-2021-20330
Description:	An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. This issue affects MongoDB Server v4.0 versions prior to 4.0.27; MongoDB Server v4.2 versions prior to 4.2.16; MongoDB Server v4.4 versions prior to 4.4.9.
Test IDs:	1.3.6.1.4.1.25623.1.0.147347 1.3.6.1.4.1.25623.1.0.147346
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2021-20330 https://jira.mongodb.org/browse/SERVER-36263 https://jira.mongodb.org/browse/SERVER-36263