PT-2022-16577 · Mongodb · Mongodb Server+1

Sara Golemon +1 · Published 2022-04-21 · Updated 2024-03-06 · CVE-2022-24272

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to and including v5.0.6

Description: An authenticated user may trigger an invariant assertion during command dispatch due to incorrect validation on the $external database. This may result in mongod denial of service or server crash.

Recommendations: For versions prior to and including v5.0.6, update to a version later than v5.0.6 to resolve the issue. As a temporary workaround, consider restricting access to the $external database to minimize the risk of exploitation.

Fix

DoS

Assertion Failure

Weakness Enumeration

Related Identifiers

BIT-MONGODB-2022-24272
CVE-2022-24272

Affected Products

Mongodb Server
Mongodb