CVE-2024-6382
Published: 02 July 2024
Summary
CVE-2024-6382 is a medium-severity Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability in Mongodb Rust Driver. Its CVSS base score is 6.4 (Medium).
Operationally, ranked at the 29.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-47489
Vulnerability details
Incorrect handling of certain string inputs may result in MongoDB Rust driver constructing unintended server commands. This may cause unexpected application behavior including data modification. This issue affects MongoDB Rust Driver 2.0 versions prior to 2.8.2
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.