MongoDB Encrypted via mongocryptd $lookup Bug v5.0-5.0.28,6.0-6.0.16,7.0-7.0.11
CVE-2024-8013 Published on October 28, 2024
CSFLE and Queryable Encryption self-lookup may fail to encrypt values in subpipelines
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no documents would be returned or written. This issue affects mongocryptd binary (v5.0 versions prior to 5.0.29, v6.0 versions prior to 6.0.17, v7.0 versions prior to 7.0.12 and v7.3 versions prior to 7.3.4) and mongo_crypt_v1.so shared libraries (v6.0 versions prior to 6.0.17, v7.0 versions prior to 7.0.12 and v7.3 versions prior to 7.3.4) released alongside MongoDB Enterprise Server versions.
Vulnerability Analysis
CVE-2024-8013 can be exploited with local system access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.
Weakness Type
Cleartext Transmission of Sensitive Information
The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. Many communication channels can be "sniffed" by attackers during data transmission. For example, network traffic can often be sniffed by any attacker who has access to a network interface. This significantly lowers the difficulty of exploitation by attackers.
Products Associated with CVE-2024-8013
stack.watch emails you whenever new vulnerabilities are published in MongoDB Mongo Crypt V1 So or MongoDB Mongocryptd. Just hit a watch button to start following.
Affected Versions
MongoDB Inc mongocryptd:- Version 5.0 and below 5.0.29 is affected.
- Version 6.0 and below 6.0.17 is affected.
- Version 7.0 and below 7.012 is affected.
- Version 7.3 and below 7.3.4 is affected.
- Version 6.0 and below 6.0.17 is affected.
- Version 7.0 and below 7.0.12 is affected.
- Version 7.3 and below 7.3.4 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.