{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T21:09:19.511","vulnerabilities":[{"cve":{"id":"CVE-2025-6707","sourceIdentifier":"cna@mongodb.com","published":"2025-06-26T14:15:35.313","lastModified":"2025-09-26T19:03:00.850","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Under certain conditions, an authenticated user request may execute with stale privileges following an intentional change by an authorized administrator. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.24, MongoDB Server v7.0 version prior to 7.0.21 and MongoDB Server v8.0 version prior to 8.0.5."},{"lang":"es","value":"En determinadas circunstancias, una solicitud de usuario autenticado podría ejecutarse con privilegios obsoletos tras un cambio intencionado por parte de un administrador autorizado. Este problema afecta a MongoDB Server v5.0 (versión anterior a la 5.0.31), MongoDB Server v6.0 (versión anterior a la 6.0.24), MongoDB Server v7.0 (versión anterior a la 7.0.21) y MongoDB Server v8.0 (versión anterior a la 8.0.5)."}],"metrics":{"cvssMetricV31":[{"source":"cna@mongodb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}]},"weaknesses":[{"source":"cna@mongodb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.0.31","matchCriteriaId":"66128ED7-B1B4-44B8-9295-D27461F161EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.0.24","matchCriteriaId":"CCD411CE-AD9D-4E4D-BA8C-85B20DB98CBC"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.21","matchCriteriaId":"79459776-D987-42E8-B5DE-CD20126AAB2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.0.5","matchCriteriaId":"092AF039-4F08-4A57-AE38-FF84A0B7AEDF"}]}]}],"references":[{"url":"https://jira.mongodb.org/browse/SERVER-93497","source":"cna@mongodb.com","tags":["Issue Tracking","Vendor Advisory"]}]}}]}