Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2014-3971

The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

  • Published: Dec 25, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-3971
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
mongodb / mongodb 2.6.1 2.6.1.x
mongodb / mongodb 2.6.0 2.6.0.x