[SERVER-59294] Check action type for oidReset Created: 11/Aug/21  Updated: 29/Oct/23  Resolved: 01/Oct/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 4.2.18, 4.4.10, 5.0.4, 5.1.0-rc0

Type: Bug Priority: Major - P3
Reporter: Sara Golemon Assignee: Erwin Pe
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Documented: is documented by DOCS-14836 Investigate changes in SERVER-59294: ... Closed
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v5.0, v4.4, v4.2, v4.0, v3.6
Sprint: Security 2021-09-20, Security 2021-10-04
Participants:

Description
CVE-2021-32036

Title
Denial of Service and Data Integrity vulnerability in features command

CVE ID
CVE-2021-32036

Description

An authenticated user without any specific authorizations may be able to repeatedly invoke the features command; at high volume this may lead to resource depletion or generate high lock contention. This may result in denial of service and, in rare cases, could result in id field collisions.

CVSS score
This issue's CVSS:3.1 severity is scored at 5.4 using the following scoring metrics:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Affected versions
MongoDB Server v5.0.0-v5.0.3, v4.4.0-v4.4.9, v4.2.0-v4.2.16, and all prior versions going back to v4.0.28

CWE
CWE-770: Allocation of Resources Without Limits or Throttling

Underlying operating systems affected
ALL

How the issue was reported:
Internally

External Reference link (server ticket)
SERVER-59294 



Comments
Comment by Vivian Ge (Inactive) [ 06/Oct/21 ]

Updating the fixversion since branching activities occurred yesterday. This ticket will be in rc0 when it’s been triggered. For more active release information, please keep an eye on #server-release. Thank you!

Comment by Githook User [ 05/Oct/21 ]

Author:

{'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}

Message: SERVER-59294 Check action type for oidReset
Branch: v5.0
https://github.com/mongodb/mongo/commit/b8768016b1a3708473a78c791ba9ccf1f617336f

Comment by Githook User [ 05/Oct/21 ]

Author:

{'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}

Message: SERVER-59294 Check action type for oidReset

(cherry picked from commit 9961fac1b2090484ec3ceaedc921ce2794e2fc79)
Branch: v4.2
https://github.com/mongodb/mongo/commit/d157291e03f8bcbaef497a78da93af1daae89fc4

Comment by Githook User [ 05/Oct/21 ]

Author:

{'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}

Message: SERVER-59294 Check action type for oidReset

(cherry picked from commit 9961fac1b2090484ec3ceaedc921ce2794e2fc79)
Branch: v4.4
https://github.com/mongodb/mongo/commit/0cd03a0192bb8ab880476bdc8d95c9620771264d

Comment by Githook User [ 30/Sep/21 ]

Author:

{'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}

Message: SERVER-59294 Check action type for oidReset
Branch: master
https://github.com/mongodb/mongo/commit/9961fac1b2090484ec3ceaedc921ce2794e2fc79

Generated at Thu Feb 08 05:46:52 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.