https://live.paloaltonetworks.com/t5/general-topics/cve-2025-14847-mongodb-server-bulnerability/m-p/1244714#M125760 <P>A MongoDB vulnerability (CVE-2025-14847) was recently disclosed. We would like to verify whether Palo Alto Networks NGFW and any other Palo Alto Networks solutions are affected by this vulnerability, and if so, what mitigations or updates are recommended.</P> Mon, 29 Dec 2025 04:21:56 GMT JunSuLee 2025-12-29T04:21:56Z https://live.paloaltonetworks.com/t5/general-topics/cve-2025-14847-mongodb-server-bulnerability/m-p/1244714#M125760 <P>A MongoDB vulnerability (CVE-2025-14847) was recently disclosed. We would like to verify whether Palo Alto Networks NGFW and any other Palo Alto Networks solutions are affected by this vulnerability, and if so, what mitigations or updates are recommended.</P> Mon, 29 Dec 2025 04:21:56 GMT https://live.paloaltonetworks.com/t5/general-topics/cve-2025-14847-mongodb-server-bulnerability/m-p/1244714#M125760 JunSuLee 2025-12-29T04:21:56Z https://live.paloaltonetworks.com/t5/general-topics/cve-2025-14847-mongodb-server-bulnerability/m-p/1244726#M125762 <P>It seems the mondoDB version used is vulnerable, it's using 3.6.19 on 11.2 for example&nbsp;<BR /><A href="https://docs.paloaltonetworks.com/oss-listings/pan-os-oss-listings/pan-os-11-2-open-source-software-oss-listing" target="_blank">PAN-OS 11.2 OSS Listing</A><BR /><BR />Question is if zlib compression is enabled as it's required to be vulnerable&nbsp;<BR /><BR />There is however 0 official communication from Palo regarding this...&nbsp;<BR /><BR /></P> Mon, 29 Dec 2025 11:42:38 GMT https://live.paloaltonetworks.com/t5/general-topics/cve-2025-14847-mongodb-server-bulnerability/m-p/1244726#M125762 ellinorb 2025-12-29T11:42:38Z