The host is installed with MongoDB 3.6 before 3.6.13 or 4.0 before 4.0.10 and is prone to an improper input validation vulnerability. A flaw is present in the application which fails to handle specially crafted applyOps invocation. Successful exploitation can cause denial of service.