Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2019-2389HistoryAug 30, 2019 - 3:15 p.m.
CVE-2019-2389
2019-08-3015:15:00
Debian Security Bug Tracker
security-tracker.debian.org
8
0.0004 Low
EPSS
Percentile
12.6%
Incorrect scoping of kill operations in MongoDB Server’s packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.11; v3.6 versions prior to 3.6.14; v3.4 versions prior to 3.4.22.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | mongodb | <= 1:3.2.11-2+deb9u1 | mongodb_1:3.2.11-2+deb9u1_all.deb |
Related
openvas
openvas
freebsd
freebsd
cvelist
cvelist
CVE-2019-2389 Process termination via PID file manipulation
2019-08-30 14:41:23
ibm
ibm
ubuntucve
ubuntucve
CVE-2019-2389
2019-08-30 00:00:00
nvd
nvd
CVE-2019-2389
2019-08-30 15:15:10
prion
prion
Code injection
2019-08-30 15:15:00
osv
osv
CVE-2019-2389
2019-08-30 15:15:10
cve
cve
CVE-2019-2389
2019-08-30 15:15:10
mongodb
mongodb
CVE-2019-2389
2019-08-30 12:47:34
nessus
nessus
redhatcve
redhatcve
CVE-2019-2389
2019-10-24 13:50:45