A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields being sent to the server as plaintext instead of ciphertext. Should this occur, no documents would be returned or written. This issue affects the mongocryptd binary (v5.0 versions prior to 5.0.29, v6.0 versions prior to 6.0.17, v7.0 versions prior to 7.0.12 and v7.3 versions prior to 7.3.4) and the mongo_crypt_v1.so shared libraries (v6.0 versions prior to 6.0.17, v7.0 versions prior to 7.0.12 and v7.3 versions prior to 7.3.4) released alongside MongoDB Enterprise Server versions.
History

Thu, 31 Oct 2024 14:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mongodb:mongo_crypt_v1.so:*:*:*:*:*:mongodb:*:*
cpe:2.3:a:mongodb:mongocryptd:*:*:*:*:*:mongodb:*:*

Mon, 28 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 28 Oct 2024 13:15:00 +0000

Type Values Removed Values Added
Description A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields being sent to the server as plaintext instead of ciphertext. Should this occur, no documents would be returned or written. This issue affects the mongocryptd binary (v5.0 versions prior to 5.0.29, v6.0 versions prior to 6.0.17, v7.0 versions prior to 7.0.12 and v7.3 versions prior to 7.3.4) and the mongo_crypt_v1.so shared libraries (v6.0 versions prior to 6.0.17, v7.0 versions prior to 7.0.12 and v7.3 versions prior to 7.3.4) released alongside MongoDB Enterprise Server versions.
Title CSFLE and Queryable Encryption self-lookup may fail to encrypt values in subpipelines
First Time appeared Mongodb
Mongodb mongo Crypt V1.so
Mongodb mongocryptd
Weaknesses CWE-319
Vendors & Products Mongodb
Mongodb mongo Crypt V1.so
Mongodb mongocryptd
References
Metrics cvssV3_1

{'score': 2.2, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: mongodb

Published: 2024-10-28T12:58:05.317Z

Updated: 2024-10-28T13:39:31.561Z

Reserved: 2024-08-20T15:39:32.550Z

Link: CVE-2024-8013

Vulnrichment

Updated: 2024-10-28T13:39:27.337Z

NVD

Status: Analyzed

Published: 2024-10-28T13:15:10.200

Modified: 2024-10-31T13:33:03.953

Link: CVE-2024-8013
