CVE-2025-3085 MongoDB Server running on Linux may allow unexpected connections where intermediate certificates are revoked

🗓️ 01 Apr 2025 12:05:05Reported by mongodbType

MongoDB Server on Linux may allow unexpected connections due to revocation status checking failure.

Reporter	Title	Published	Views	Family All 24
BDU FSTEC	The vulnerability of the SSLManagerOpenSSL class in the MongoDB database management system allows a hacker to circumvent security restrictions.	19 May 202500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the MongoDB database management system, related to access control errors, allows attackers to gain unauthorized access to protected information.	29 May 202500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the explain function in the MongoDB database management system allows a hacker to cause a service failure.	30 May 202500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Mongo fragment processing tool for MongoDB database management systems allows a hacker to induce a service failure.	30 May 202500:00	–	bdu_fstec
Circl	CVE-2025-3085	1 Apr 202512:32	–	circl
CNNVD	MongoDB Server 安全漏洞	1 Apr 202500:00	–	cnnvd
CVE	CVE-2025-3085	1 Apr 202512:05	–	cve
EUVD	EUVD-2025-9311	3 Oct 202520:07	–	euvd
MongoDB	MongoDB Server running on Linux may allow unexpected connections where intermediate certificates are revoked	1 Apr 202509:16	–	mongodb
Tenable Nessus	MongoDB 5.0.x < 5.0.31 / 6.0.x < 6.0.20 / 7.0.x < 7.0.16 / 8.0.x < 8.0.4 Improper Check for Certificate Revocation (SERVER-95445)	21 Jan 202600:00	–	nessus

[
  {
    "cpes": [
      "cpe:2.3:a:mongodb:mongodb:5.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.3:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.4:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.5:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.6:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.7:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.8:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.9:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.10:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.11:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.12:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.13:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.14:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.15:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.16:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.17:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.18:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.19:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.20:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.21:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.22:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.23:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.24:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.25:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.26:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.27:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.28:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.29:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:5.0.30:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.3:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.4:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.5:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.6:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.7:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.8:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.9:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.10:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.11:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.12:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.13:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.14:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.15:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.16:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.17:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.18:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:6.0.19:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.3:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.4:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.5:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.6:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.7:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.8:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.9:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.10:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.11:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.12:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.13:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.14:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:7.0.15:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:8.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:8.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:8.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:mongodb:mongodb:8.0.3:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "MongoDB Server",
    "vendor": "MongoDB Inc",
    "versions": [
      {
        "lessThan": "5.0.31",
        "status": "affected",
        "version": "5.0",
        "versionType": "custom"
      },
      {
        "lessThan": "6.0.20",
        "status": "affected",
        "version": "6.0",
        "versionType": "custom"
      },
      {
        "lessThan": "7.0.16",
        "status": "affected",
        "version": "7.0",
        "versionType": "custom"
      },
      {
        "lessThan": "8.0.4",
        "status": "affected",
        "version": "8.0.",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
jira	www.jira.mongodb.org/browse/SERVER-95445

01 Apr 2025 12:05Current

CVSS 3.18.1

EPSS0.00247

CWE-299