CVE-2017-15535 - Vulnerability Details - OpenCVE

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mongodb	Mongodb

Configuration 1 [-]

cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/101689
https://jira.mongodb.org/browse/SERVER-31273
https://nvd.nist.gov/vuln/detail/CVE-2017-15535
https://www.cve.org/CVERecord?id=CVE-2017-15535

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-11-01T01:00:00

Updated: 2024-08-05T19:57:26.295Z

Reserved: 2017-10-17T00:00:00

Link: CVE-2017-15535

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-11-01T01:29:00.637

Modified: 2024-11-21T03:14:44.250

Link: CVE-2017-15535

Redhat

Severity : Moderate

Publid Date: 2017-09-29T00:00:00Z

Links: CVE-2017-15535 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-10-31T00:00:00", "descriptions": [{"lang": "en", "value": "MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-08T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "101689", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101689"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://jira.mongodb.org/browse/SERVER-31273"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-15535", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "101689", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101689"}, {"name": "https://jira.mongodb.org/browse/SERVER-31273", "refsource": "CONFIRM", "url": "https://jira.mongodb.org/browse/SERVER-31273"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T19:57:26.295Z"}, "title": "CVE Program Container", "references": [{"name": "101689", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/101689"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://jira.mongodb.org/browse/SERVER-31273"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-15535", "datePublished": "2017-11-01T01:00:00", "dateReserved": "2017-10-17T00:00:00", "dateUpdated": "2024-08-05T19:57:26.295Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC15E8B4-0238-40AE-9BF2-C18DEB922790", "versionEndExcluding": "3.4.10", "versionStartIncluding": "3.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory."}, {"lang": "es", "value": "MongoDB, en versiones 3.4.x anteriores a la 3.4.10, y desarrollos 3.5.x, tiene un ajuste de configuraci\u00f3n deshabilitado por defecto, networkMessageCompressors (tambi\u00e9n conocido como wire protocol compression), que expone una vulnerabilidad cuando se habilita que podr\u00eda ser explotada por atacantes maliciosos con el fin de provocar una denegaci\u00f3n de servicio o modificar memoria."}], "id": "CVE-2017-15535", "lastModified": "2024-11-21T03:14:44.250", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-01T01:29:00.637", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101689"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://jira.mongodb.org/browse/SERVER-31273"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101689"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://jira.mongodb.org/browse/SERVER-31273"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "mongodb: Invalid wire protocol compression", "id": "1516183", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516183"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.7", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H", "status": "draft"}, "details": ["MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol compression), which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory.", "A memory corruption flaw was found in the way MongoDB handled wire protocol compression for intra-cluster communication. A privileged network attacker could potentially use this flaw to crash the MongoDB server under certain circumstances."], "name": "CVE-2017-15535", "package_state": [{"cpe": "cpe:/a:redhat:openstack:6", "fix_state": "Not affected", "package_name": "mongodb", "product_name": "Red Hat Enterprise Linux OpenStack Platform 6 (Juno)"}, {"cpe": "cpe:/a:redhat:openstack:7", "fix_state": "Not affected", "package_name": "mongodb", "product_name": "Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "mongodb", "product_name": "Red Hat Enterprise MRG 2"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Not affected", "package_name": "mongodb", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:11", "fix_state": "Not affected", "package_name": "mongodb", "product_name": "Red Hat OpenStack Platform 11 (Ocata)"}, {"cpe": "cpe:/a:redhat:openstack:8", "fix_state": "Not affected", "package_name": "mongodb", "product_name": "Red Hat OpenStack Platform 8 (Liberty)"}, {"cpe": "cpe:/a:redhat:openstack:9", "fix_state": "Not affected", "package_name": "mongodb", "product_name": "Red Hat OpenStack Platform 9 (Mitaka)"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-mongodb30upg-mongodb", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-mongodb32-mongodb", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "rh-mongodb34-mongodb", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhscon:2", "fix_state": "Not affected", "package_name": "mongodb", "product_name": "Red Hat Storage Console 2"}, {"cpe": "cpe:/a:rhel_sam:1", "fix_state": "Not affected", "package_name": "mongodb", "product_name": "Red Hat Subscription Asset Manager"}], "public_date": "2017-09-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-15535\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-15535"], "statement": "Satellite 6 uses a vulnerable version of MongoDB. However, it does not enable wire protocol compression, and thus the vulnerability can not be triggered. A fix may be provided in a future release via RHSCL repository.", "threat_severity": "Moderate"}