CVE-2025-6710

MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which could occur pre-authorisation. This issue affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB Server v8.0 versions prior to 8.0.5. The same issue affects MongoDB Server v6.0 versions prior to 6.0.21, but an attacker can only induce denial of service after authenticating.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://jira.mongodb.org/browse/SERVER-106749	Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mongodb:mongodb:::::-:::*
	cpe:2.3:a:mongodb:mongodb:::::-:::*
	cpe:2.3:a:mongodb:mongodb:::::-:::*

History

No history.

Information

Published : 2025-06-26 14:15

Updated : 2025-09-15 14:04

NVD link : CVE-2025-6710

Mitre link : CVE-2025-6710

CVE.ORG link : CVE-2025-6710

JSON object : View

Products Affected

mongodb

mongodb

CWE

CWE-674

Uncontrolled Recursion

{"id": "CVE-2025-6710", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-06-26T14:15:35.613", "references": [{"url": "https://jira.mongodb.org/browse/SERVER-106749", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-674"}]}], "descriptions": [{"lang": "en", "value": "MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which could occur pre-authorisation. This issue affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB Server v8.0 versions prior to 8.0.5.\n\nThe same issue affects MongoDB Server v6.0 versions prior to 6.0.21, but an attacker can only induce denial of service after authenticating."}, {"lang": "es", "value": "MongoDB Server puede ser susceptible a desbordamientos de pila debido al mecanismo de an\u00e1lisis de JSON. Las entradas JSON manipuladas espec\u00edficamente pueden inducir niveles injustificados de recursi\u00f3n, lo que resulta en un consumo excesivo de espacio de pila. Estas entradas pueden provocar un desbordamiento de pila que provoque un bloqueo del servidor, lo cual podr\u00eda ocurrir antes de la autorizaci\u00f3n. Este problema afecta a MongoDB Server v7.0 anteriores a la 7.0.17 y a MongoDB Server v8.0 anteriores a la 8.0.5. El mismo problema afecta a MongoDB Server v6.0 anteriores a la 6.0.21, pero un atacante solo puede inducir una denegaci\u00f3n de servicio despu\u00e9s de la autenticaci\u00f3n."}], "lastModified": "2025-09-15T14:04:53.967", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "70C1D1C7-0822-4382-AEBD-FED9490491A0", "versionEndExcluding": "6.0.21", "versionStartIncluding": "6.0.0"}, {"criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "7E13B043-4482-48D1-9874-A6C210462A4A", "versionEndExcluding": "7.0.17", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "564B8805-F93C-4F12-B29B-4EF3DD83CC9E", "versionEndExcluding": "8.0.5", "versionStartIncluding": "8.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}