CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-2389

Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects MongoDB Server v4.0 versions prior to 4.0.11; MongoDB Server v3.6 versions prior to 3.6.14; MongoDB Server v3.4 versions prior to 3.4.22.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.5%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 1.9

References

Products affected by CVE-2019-2389

Mongodb » Mongodb » Version: 3.4.0

cpe:2.3:a:mongodb:mongodb:3.4.0
Mongodb » Mongodb » Version: 3.4.1

cpe:2.3:a:mongodb:mongodb:3.4.1
Mongodb » Mongodb » Version: 3.4.10

cpe:2.3:a:mongodb:mongodb:3.4.10
Mongodb » Mongodb » Version: 3.4.11

cpe:2.3:a:mongodb:mongodb:3.4.11
Mongodb » Mongodb » Version: 3.4.12

cpe:2.3:a:mongodb:mongodb:3.4.12
Mongodb » Mongodb » Version: 3.4.13

cpe:2.3:a:mongodb:mongodb:3.4.13
Mongodb » Mongodb » Version: 3.4.14

cpe:2.3:a:mongodb:mongodb:3.4.14
Mongodb » Mongodb » Version: 3.4.15

cpe:2.3:a:mongodb:mongodb:3.4.15
Mongodb » Mongodb » Version: 3.4.16

cpe:2.3:a:mongodb:mongodb:3.4.16
Mongodb » Mongodb » Version: 3.4.17

cpe:2.3:a:mongodb:mongodb:3.4.17
Mongodb » Mongodb » Version: 3.4.18

cpe:2.3:a:mongodb:mongodb:3.4.18
Mongodb » Mongodb » Version: 3.4.19

cpe:2.3:a:mongodb:mongodb:3.4.19
Mongodb » Mongodb » Version: 3.4.2

cpe:2.3:a:mongodb:mongodb:3.4.2
Mongodb » Mongodb » Version: 3.4.20

cpe:2.3:a:mongodb:mongodb:3.4.20
Mongodb » Mongodb » Version: 3.4.21

cpe:2.3:a:mongodb:mongodb:3.4.21
Mongodb » Mongodb » Version: 3.4.3

cpe:2.3:a:mongodb:mongodb:3.4.3
Mongodb » Mongodb » Version: 3.4.4

cpe:2.3:a:mongodb:mongodb:3.4.4
Mongodb » Mongodb » Version: 3.4.5

cpe:2.3:a:mongodb:mongodb:3.4.5
Mongodb » Mongodb » Version: 3.4.6

cpe:2.3:a:mongodb:mongodb:3.4.6
Mongodb » Mongodb » Version: 3.4.7

cpe:2.3:a:mongodb:mongodb:3.4.7
Mongodb » Mongodb » Version: 3.4.9

cpe:2.3:a:mongodb:mongodb:3.4.9
Mongodb » Mongodb » Version: 3.6.0

cpe:2.3:a:mongodb:mongodb:3.6.0
Mongodb » Mongodb » Version: 3.6.1

cpe:2.3:a:mongodb:mongodb:3.6.1
Mongodb » Mongodb » Version: 3.6.10

cpe:2.3:a:mongodb:mongodb:3.6.10
Mongodb » Mongodb » Version: 3.6.11

cpe:2.3:a:mongodb:mongodb:3.6.11
Mongodb » Mongodb » Version: 3.6.12

cpe:2.3:a:mongodb:mongodb:3.6.12
Mongodb » Mongodb » Version: 3.6.13

cpe:2.3:a:mongodb:mongodb:3.6.13
Mongodb » Mongodb » Version: 3.6.2

cpe:2.3:a:mongodb:mongodb:3.6.2
Mongodb » Mongodb » Version: 3.6.3

cpe:2.3:a:mongodb:mongodb:3.6.3
Mongodb » Mongodb » Version: 3.6.4

cpe:2.3:a:mongodb:mongodb:3.6.4
Mongodb » Mongodb » Version: 3.6.5

cpe:2.3:a:mongodb:mongodb:3.6.5
Mongodb » Mongodb » Version: 3.6.6

cpe:2.3:a:mongodb:mongodb:3.6.6
Mongodb » Mongodb » Version: 3.6.7

cpe:2.3:a:mongodb:mongodb:3.6.7
Mongodb » Mongodb » Version: 3.6.8

cpe:2.3:a:mongodb:mongodb:3.6.8
Mongodb » Mongodb » Version: 3.6.9

cpe:2.3:a:mongodb:mongodb:3.6.9
Mongodb » Mongodb » Version: 4.0.0

cpe:2.3:a:mongodb:mongodb:4.0.0
Mongodb » Mongodb » Version: 4.0.1

cpe:2.3:a:mongodb:mongodb:4.0.1
Mongodb » Mongodb » Version: 4.0.10

cpe:2.3:a:mongodb:mongodb:4.0.10
Mongodb » Mongodb » Version: 4.0.2

cpe:2.3:a:mongodb:mongodb:4.0.2
Mongodb » Mongodb » Version: 4.0.3

cpe:2.3:a:mongodb:mongodb:4.0.3
Mongodb » Mongodb » Version: 4.0.4

cpe:2.3:a:mongodb:mongodb:4.0.4
Mongodb » Mongodb » Version: 4.0.5

cpe:2.3:a:mongodb:mongodb:4.0.5
Mongodb » Mongodb » Version: 4.0.6

cpe:2.3:a:mongodb:mongodb:4.0.6
Mongodb » Mongodb » Version: 4.0.7

cpe:2.3:a:mongodb:mongodb:4.0.7
Mongodb » Mongodb » Version: 4.0.8

cpe:2.3:a:mongodb:mongodb:4.0.8
Mongodb » Mongodb » Version: 4.0.9

cpe:2.3:a:mongodb:mongodb:4.0.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-2389

Products

Pricing

Contact Us