@Nohzoh Nohzoh commented Dec 29, 2025

Description

This pull request adds a new vulnerability check mode for MongoDB to detect exposure to the MongoBleed vulnerability (CVE-2025-14847).
It introduces a new monitoring mode that checks the running MongoDB server version and determines if it is vulnerable, patched, or not affected, based on known version ranges.
The new mode is integrated into the available plugin modes for MongoDB.

New MongoDB vulnerability detection:

  • Added a new mode vulnerabilities in database::mongodb::mode::vulnerabilities that checks if the MongoDB server is affected by CVE-2025-14847 (MongoBleed) by parsing the server version and comparing it against known vulnerable ranges. The mode outputs the vulnerability status and version details, and provides documentation and usage examples.
  • Registered the new vulnerabilities mode in the MongoDB plugin, making it available as a monitoring option.

Type of change

  • Patch fixing an issue (non-breaking change)
  • New functionality (non-breaking change)
  • Functionality enhancement or optimization (non-breaking change)
  • Breaking change (patch or feature) that might cause side effects breaking part of the Software

How this pull request can be tested?

> docker run --name mongo -d --rm -p 27017:27017 mongo:8.2.3
> /usr/lib/centreon/plugins/centreon_mongodb.pl --plugin=database::mongodb::plugin --mode=vulnerabilities --hostname=localhost --port='27017' --no-ssl
OK: MongoDB version 8.2.3 is patched to CVE-2025-14847 (MongoBleed) 
> docker stop mongo
> docker run --name mongo -d --rm -p 27017:27017 mongo:8.2.2
> /usr/lib/centreon/plugins/centreon_mongodb.pl --plugin=database::mongodb::plugin --mode=vulnerabilities --hostname=localhost --port='27017' --no-ssl
CRITICAL: MongoDB version 8.2.2 is vulnerable to CVE-2025-14847 (MongoBleed)
> docker stop mongo

Checklist

  • I have followed the coding style guidelines provided by Centreon
  • I have commented my code, especially hard-to-understand areas of the PR.
  • I have rebased my development branch on the base branch (develop).
  • I have provided data or shown output displaying the result of this code in the plugin area concerned.

@Nohzoh Nohzoh requested a review from a team as a code owner December 29, 2025 14:21
@Nohzoh Nohzoh requested a review from Evan-Adam December 29, 2025 14:21
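
The version-range comparison described in the pull request above, sketched in Python as an added example; it is not the plugin's Perl code. The table layout, function name and exit-code mapping are assumptions, and only the 8.2 entry is taken from the test output shown on this page.

```python
import re
from typing import NamedTuple

CVE = "CVE-2025-14847 (MongoBleed)"
# Release branch (major, minor) -> first patch level carrying the fix.
# Only the 8.2 entry comes from the test output on this page (8.2.2 vulnerable,
# 8.2.3 patched); the other affected branches must be added from the advisory.
FIRST_FIXED = {(8, 2): 3}
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.]+)?$")
OK, CRITICAL, UNKNOWN = 0, 2, 3  # Nagios-style plugin exit codes
LABEL = {OK: "OK", CRITICAL: "CRITICAL", UNKNOWN: "UNKNOWN"}
PHRASE = {"vulnerable": "vulnerable to", "patched": "patched against",
          "not affected": "not affected by"}


class Result(NamedTuple):
    exit_code: int
    status: str
    message: str


def check_version(version: str, first_fixed=FIRST_FIXED) -> Result:
    """Classify a MongoDB server version string against the fix table."""
    m = VERSION_RE.match(version.strip())
    if not m:
        # Never report OK for a version string that could not be parsed.
        return Result(UNKNOWN, "unknown",
                      f"UNKNOWN: cannot parse MongoDB version {version!r}")
    major, minor, patch = (int(g) for g in m.group(1, 2, 3))
    fixed = first_fixed.get((major, minor))
    if fixed is None:
        # Assumption: the table lists every affected branch.
        status, code = "not affected", OK
    elif patch < fixed or (patch == fixed and m.group(4)):
        # Integer comparison, so 9 < 10. Assumption: a pre-release of the
        # fixed version (e.g. -rc0) is not proven to contain the fix.
        status, code = "vulnerable", CRITICAL
    else:
        status, code = "patched", OK
    return Result(code, status,
                  f"{LABEL[code]}: MongoDB version {version} is {PHRASE[status]} {CVE}")


if __name__ == "__main__":
    for v in ("8.2.2", "8.2.3", "8.2.3-rc0", "not-a-version"):  # constructed inputs
        print(check_version(v).message)
```

A branch missing from the table is reported as not affected, so an incomplete table produces a false OK; the table has to be reviewed against the vendor advisory before the result is trusted.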
@github-actions

Checkmarx One – Scan Summary & Details aca5627b-c403-4dab-bcde-d77fd81502df

Great job! No new security vulnerabilities introduced in this pull request