Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-8305

prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no primaries. This issue affects MongoDB Server v6.0 versions prior to 6.0.17, MongoDB Server v7.0 versions prior to 7.0.13 and MongoDB Server v7.3 versions prior to 7.3.4

Published

2024-10-21T15:15:04.030

Last Modified

2024-11-07T15:38:32.323

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-1288
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mongodb	mongodb	< 6.0.17	Yes
Application	mongodb	mongodb	< 7.0.13	Yes
Application	mongodb	mongodb	< 7.3.4	Yes

References

https://jira.mongodb.org/browse/SERVER-92382 Vendor Advisory ([email protected])