CVE-2021-20333

Sending specially crafted commands to a MongoDB Server may result in artificial log entries being generated or for log entries to be split. This issue affects MongoDB Server v3.6 versions prior to 3.6.20; MongoDB Server v4.0 versions prior to 4.0.21; MongoDB Server v4.2 versions prior to 4.2.10;
References
Link Resource
https://jira.mongodb.org/browse/SERVER-50605 Exploit Patch
Configurations

Configuration 1

cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*
cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*

Information

Published : 2021-07-23 12:15

Updated : 2021-08-03 07:49


NVD link : CVE-2021-20333

Mitre link : CVE-2021-20333

Products Affected
No products.
CWE
CWE-116

Improper Encoding or Escaping of Output