CVE-2016-3104

Name of the Vulnerable Software and Affected Versions MongoDB versions 2.6, 2.4

Description The issue allows remote attackers to cause a denial of service, resulting in memory consumption and process termination. This occurs when authenticating against a non-existent database, leveraging in-memory database representation.

Recommendations For MongoDB version 2.4, consider upgrading to a version that does not use 2.4-style users to mitigate the risk. For MongoDB version 2.6, avoid authenticating against non-existent databases as a temporary workaround until a patch is available.