Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-13643

Опубликовано: 25 нояб. 2025
Источник: nvd
CVSS3: 3.1
CVSS3: 6.5
EPSS Низкий

Описание

A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions prior to 7.0.26 and MongoDB Server v8.0 versions prior to 8.0.14

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*
Версия от 7.0.0 (включая) до 7.0.26 (исключая)
cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*
Версия от 8.0.0 (включая) до 8.0.14 (исключая)
cpe:2.3:a:mongodb:mongodb:8.2.0:alpha:*:*:-:*:*:*
cpe:2.3:a:mongodb:mongodb:8.2.0:alpha0:*:*:-:*:*:*
cpe:2.3:a:mongodb:mongodb:8.2.0:alpha1:*:*:-:*:*:*
cpe:2.3:a:mongodb:mongodb:8.2.0:alpha2:*:*:-:*:*:*

EPSS

Процентиль: 14%
0.00045
Низкий

3.1 Low

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-862

Связанные уязвимости

ubuntu логотип

CVE-2025-13643

CVSS3: 3.1
ubuntu
около 2 месяцев назад

A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions prior to 7.0.26 and MongoDB Server v8.0 versions prior to 8.0.14

debian логотип

CVE-2025-13643

CVSS3: 3.1
debian
около 2 месяцев назад

A user with access to the cluster with a limited set of privilege acti ...

github логотип

GHSA-p2cp-6qqj-8xqc

CVSS3: 3.1
github
около 2 месяцев назад

A user with access to the cluster with a limited set of privilege actions may be able to terminate queries that are being executed by other users. This may cause a denial of service by preventing a fraction of queries from successfully completing. This issue affects MongoDB Server v7.0 versions prior to 7.0.26 and MongoDB Server v8.0 versions prior to 8.0.14

fstec логотип

BDU:2026-00269

CVSS3: 6.5
fstec
около 2 месяцев назад

Уязвимость сервера системы управления базами данных MongoDB, позволяющая нарушителю вызвать отказ в обслуживании

redos логотип

ROS-20251219-7304

CVSS3: 3.1
redos
28 дней назад

Уязвимость mongodb-org

EPSS

Процентиль: 14%
0.00045
Низкий

3.1 Low

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-862