CVE-2020-7928 : A user authorized to perform database queries may trigger a read overrun and acc

A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. This issue affects MongoDB Server v4.4 versions prior to 4.4.1; MongoDB Server v4.2 versions prior to 4.2.9; MongoDB Server v4.0 versions prior to 4.0.20 and MongoDB Server v3.6 versions prior to 3.6.20.

Published 2020-11-23 17:15:13

Updated 2024-09-17 01:15:45

Source MongoDB, Inc.

View at NVD, CVE.org

Products affected by CVE-2020-7928

Mongodb » Mongodb
Versions from including (>=) 4.4.0 and before (<) 4.4.1
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
Matching versions
Mongodb » Mongodb
Versions from including (>=) 4.2.0 and before (<) 4.2.9
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
Matching versions
Mongodb » Mongodb
Versions from including (>=) 4.5.0 and before (<) 4.5.1
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
Matching versions
Mongodb » Mongodb
Versions from including (>=) 3.6.0 and before (<) 3.6.20
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
Matching versions
Mongodb » Mongodb
Versions from including (>=) 4.0.0 and before (<) 4.0.20
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2020-7928

Top countries where our scanners detected CVE-2020-7928

Top open port discovered on systems with this issue 27017

IPs affected by CVE-2020-7928 8,793

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2020-7928!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2020-7928

EPSS FAQ

0.48%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 63 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-7928

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.0	MEDIUM	AV:N/AC:L/Au:S/C:P/I:N/A:N	8.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	MongoDB, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2020-7928

CWE-158 Improper Neutralization of Null Byte or NUL Character

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes NUL characters or null bytes when they are sent to a downstream component.

Assigned by: cna@mongodb.com (Secondary)

References for CVE-2020-7928

https://jira.mongodb.org/browse/SERVER-49404

[SERVER-49404] Enforce additional checks in $arrayToObject - MongoDB
Issue Tracking;Patch;Vendor Advisory