Description

A MongoDB server under specific conditions running on Linux with TLS and CRL revocation status checking enabled, fails to check the revocation status of the intermediate certificates in the peer's certificate chain. In cases of MONGODB-X509, which is not enabled by default, this may lead to improper authentication. This issue may also affect intra-cluster authentication. This issue affects MongoDB Server v5.0 versions prior to 5.0.31, MongoDB Server v6.0 versions prior to 6.0.20, MongoDB Server v7.0 versions prior to 7.0.16 and MongoDB Server v8.0 versions prior to 8.0.4. Required Configuration : MongoDB Server must be running on Linux Operating Systems and CRL revocation status checking must be enabled

INFO

Published Date :

2025-04-01T12:05:05.401Z

Last Modified :

2025-04-01T13:03:02.701Z

Source :

mongodb
AFFECTED PRODUCTS

The following products are affected by CVE-2025-3085 vulnerability.

Vendors Products
Mongodb
  • Mongodb
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-3085.

URL Resource
https://jira.mongodb.org/browse/SERVER-95445 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact