CVE-2025-6714 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2025-6714?

CVE-2025-6714 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-6714?

Check the references section above for vendor advisories and patch information. Affected products include: Mongodb Mongodb.

Vulnerability Description

MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Server v8.0 prior to 8.0.9 Required Configuration: This affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Mongodb	Mongodb	>= 6.0.0, < 6.0.23

Related Weaknesses (CWE)

CWE-834 CWE-400

References

https://jira.mongodb.org/browse/SERVER-106753Issue TrackingVendor Advisory

FAQ

What is CVE-2025-6714?

CVE-2025-6714 is a vulnerability with a CVSS score of 7.5 (HIGH). MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue a...

How severe is CVE-2025-6714?

CVE-2025-6714 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-6714?

Check the references section above for vendor advisories and patch information. Affected products include: Mongodb Mongodb.