The host is installed with MongoDB 4.0 before 4.0.11, 3.6 before 3.6.14 or 3.4 before 3.4.22 and is prone to an improper input vulnerability. A flaw is present in the application which fails to handle SysV init scripts. Successful exploitation allows an attacker to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init.