CVE-2025-6714

{"id": "CVE-2025-6714", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cna@mongodb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-07-07T15:15:29.263", "references": [{"url": "https://jira.mongodb.org/browse/SERVER-106753", "source": "cna@mongodb.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "cna@mongodb.com", "description": [{"lang": "en", "value": "CWE-400"}, {"lang": "en", "value": "CWE-834"}]}], "descriptions": [{"lang": "en", "value": "MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Server v8.0 prior to 8.0.9\n\nRequired Configuration:\n\nThis affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports."}, {"lang": "es", "value": "El componente Mongos de MongoDB Server puede dejar de responder a nuevas conexiones debido a la gesti\u00f3n incorrecta de datos incompletos. Esto afecta a MongoDB cuando se configura con compatibilidad con balanceadores de carga. Este problema afecta a MongoDB Server v6.0 anterior a 6.0.23, MongoDB Server v7.0 anterior a 7.0.20 y MongoDB Server v8.0 anterior a 8.0.9. Configuraci\u00f3n requerida: Afecta a los cl\u00fasteres fragmentados de MongoDB cuando se configura con compatibilidad con balanceadores de carga para Mongos mediante HAProxy en los puertos especificados."}], "lastModified": "2025-07-08T16:18:34.923", "sourceIdentifier": "cna@mongodb.com"}