MongoDB Server Pre-Authentication Vulnerability Lets Attackers Trigger DoS Condition

A critical pre-authentication denial-of-service vulnerability, tracked as CVE-2025-6709, affects multiple versions of MongoDB Server across its 6.0, 7.0, and 8.0 release branches. With a CVSS score of 7.5, this high-severity flaw poses significant risk to organizations running vulnerable MongoDB deployments in production.

Malicious JSON payloads containing crafted date values, sent via the MongoDB shell, exploit a flaw in OIDC authentication handling. Because the attack bypasses traditional authentication requirements, an unauthenticated remote attacker can disrupt database operations, which is what makes the issue particularly dangerous. The network-based attack vector (AV:N) combined with low attack complexity (AC:L) makes this vulnerability especially concerning for internet-facing MongoDB deployments and for instances reachable from compromised network segments.

MongoDB Server v6.0 versions prior to 6.0.21 also contain the vulnerability, though on that branch exploitation requires successful authentication. This reduces the immediate threat surface but still leaves risk from authenticated users.

According to the advisory, security teams should prioritize immediate patching to the latest stable releases: MongoDB Server 6.0.21, 7.0.17, or 8.0.5, depending on their current deployment version. Organizations unable to patch immediately should consider network-level access controls, temporarily disabling OIDC authentication if it is not critical to operations, or deploying a web application firewall capable of filtering malicious JSON payloads.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 27 Jun 2025 10:40:10 +0000
