#VU111869 Externally Controlled Reference to a Resource in Another Sphere in MongoDB - CVE-2024-8207


Vulnerability identifier: #VU111869

Vulnerability risk: Medium

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-8207

CWE-ID: CWE-610

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
MongoDB
Server applications / Database software

Vendor: MongoDB, Inc.

Description

The vulnerability allows a local privileged user to execute arbitrary code on the target system.

The vulnerability exists in certain highly specific configurations of the host system and of the MongoDB server binary installation on Linux operating systems. A local privileged user with host-level access can cause the MongoDB Server binary to load unintended, actor-controlled shared libraries when the server binary is started, potentially resulting in that actor gaining full control over the MongoDB server process.
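The advisory does not say which installation configuration is affected, so the following is an added audit check, not code from the advisory or from MongoDB, that assumes the general case behind this class of weakness: a binary whose RPATH/RUNPATH names directories that a less-trusted local user can write to or create. It parses constructed `readelf -d` output (the sample text is made up, not taken from a real mongod binary), expands `$ORIGIN`, and flags search directories that are missing or writable by anyone other than the trusted owner.

```python
import os
import re
import stat
import tempfile

# Constructed sample of `readelf -d` output; not taken from a real mongod binary.
SAMPLE_READELF = """\
 0x0000000000000001 (NEEDED)             Shared library: [libssl.so.3]
 0x000000000000001d (RUNPATH)            Library runpath: [$ORIGIN/../lib:/opt/mongodb/lib:/tmp/extra-libs]
"""

RPATH_RE = re.compile(r"\((?:RPATH|RUNPATH)\)\s+Library r(?:un)?path: \[(.*)\]")

def search_dirs(readelf_output, origin):
    """Directories the dynamic loader searches first (RPATH/RUNPATH), $ORIGIN expanded, in order."""
    dirs = []
    for line in readelf_output.splitlines():
        m = RPATH_RE.search(line)
        if not m:
            continue
        for entry in m.group(1).split(":"):
            if entry:
                path = os.path.normpath(entry.replace("$ORIGIN", origin))
                if path not in dirs:
                    dirs.append(path)
    return dirs

def risky_dirs(dirs, trusted_uid=0):
    """Map each search directory to why it is risky; a directory absent from the result looks safe."""
    findings = {}
    for d in dirs:
        if not os.path.isdir(d):
            findings[d] = "missing"  # whoever can write the parent directory could create it later
            continue
        st = os.stat(d)
        if st.st_uid != trusted_uid:
            findings[d] = "owned by uid %d" % st.st_uid
        elif st.st_mode & (stat.S_IWOTH | stat.S_IWGRP):
            findings[d] = "writable by group or others"
    return findings

def demo():
    """Build a throwaway fixture (safe, writable, missing dir) and audit it as the current user."""
    base = tempfile.mkdtemp()
    safe, loose = os.path.join(base, "lib"), os.path.join(base, "extra-libs")
    os.mkdir(safe, 0o755)
    os.mkdir(loose)
    os.chmod(loose, 0o777)  # chmod rather than a mkdir mode so the umask cannot mask it
    return risky_dirs([safe, loose, os.path.join(base, "nope")], trusted_uid=os.getuid())
```

On a real host, feed `search_dirs` the output of `readelf -d` on the installed server binary with `origin` set to the binary's directory, and use `trusted_uid=0` for a root-owned installation.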

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

MongoDB: 5.0.0 - 6.0.2


External links
https://jira.mongodb.org/browse/SERVER-69507
https://security.netapp.com/advisory/ntap-20250516-0009/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can only be exploited locally. The attacker must hold valid authentication credentials and successfully authenticate on the system.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

