AI description
Generated using AI and has not been reviewed by Intruder. May contain errors.
CVE-2024-6382 is a vulnerability affecting the MongoDB Rust Driver. Specifically, versions 2.0 prior to 2.8.2 are affected. The vulnerability stems from the incorrect handling of certain string inputs, which can lead the driver to construct unintended server commands. This mishandling of string inputs may result in unexpected application behavior. The vulnerability can be exploited over a network connection and requires minimal skill to exploit. To mitigate this vulnerability, it is recommended to upgrade to version 2.8.2 or later of the MongoDB Rust Driver.
- Description
- Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2
- Source
- cna@mongodb.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.4
- Impact score
- 2.7
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
- Severity
- MEDIUM
- cna@mongodb.com
- CWE-228
- Hype score
- Not currently trending