PT-2025-47990 · Mongodb+1 · Mongodb Server+2
Published
2025-11-25
·
Updated
2025-12-19
·
CVE-2025-13643
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
MongoDB Server versions prior to 7.0.26
MongoDB Server versions prior to 8.0.14
Description
A user with limited privileges within a cluster may be able to terminate queries initiated by other users. This could lead to a denial of service by preventing some queries from completing successfully.
Recommendations
Update MongoDB Server to version 7.0.26 or later.
Update MongoDB Server to version 8.0.14 or later.
Fix
DoS
LPE
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mongodb Server
Mongodb
Red Os