Headline
CVE-2022-48282: System Dashboard - MongoDB Jira
Under very specific circumstances (see Required configuration section below), a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C#. This affects all MongoDB .NET/C# Driver versions prior to and including v2.18.0
Welcome to MongoDB’s Issue Tracker****I am a customer. Where do I create a Support case?
- MongoDB customers should always use the Support Portal to obtain the fastest response and ensure privacy.
- MongoDB Cloud Manager or MongoDB Atlas customers should follow the Help link in Cloud Manager/ Atlas to create a ticket in the Support Portal.
- Please note: MongoDB Support no longer utilizes JIRA. Tickets opened via JIRA will not alert the Support Team and will not trigger any SLA timers.
I am not a customer. Where should I ask general product or support questions?
MongoDB team members are active in community forums and you can also benefit from the experience of other MongoDB users. You should also consult our excellent documentation.
- For general questions or community support use the MongoDB Community forums.
- StackExchange also has several sites with MongoDB topics:
- Stack Overflow (programming questions)
- DBA StackExchange (database administration questions)
- ServerFault (server and networking questions)
How do I create a feature request?
All MongoDB users can share your ideas via the MongoDB Feedback Engine.
Which JIRA project should I use to report bugs?
- To report potential bugs in the MongoDB database server, use Core Server (SERVER).
- For language-specific drivers (Java, C++, etc.), create a ticket for the relevant language driver.
- To report a product security vulnerability, use SECURITY, a confidential space private to you and our development team.
- Unless otherwise specified, comments and attachments in public projects will be visible to the public.
How can I follow or upvote an existing issue in JIRA?
If an issue already exists:
- Vote for that issue to show your support. Voting provides a helpful signal to help prioritize issues in the product/development roadmap.
- Watch an issue to subscribe to any future updates such as comments or changes in status.
Tips for creating issues
The more information you can provide, the easier it is for us to diagnose problems and provide support:
- Search to find if the issue you are reporting has been reported previously
- Include any statement or command that reproduces the issue you are experiencing
- Mention the specific version of the database, client, and driver you are using
- Include details about your environment, e.g. O/S, software platform, hardware, etc.
Receive release announcements from MongoDB
Sign up to be added to our product release announcements mailing list. You’ll receive notifications when new versions of MongoDB Enterprise Advanced, the BI Connector, Compass and Ops Manager become available.
Related news
Under very specific circumstances (see Required configuration section below), a privileged user is able to cause arbitrary code to be executed which may cause further disruption to services. This is specific to applications written in C#. This affects all MongoDB .NET/C# Driver versions prior to and including v2.18.0