Network misconfigurations

AWS EC2 instance allows public ingress access on mongod default port 27017

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Port 27017 is the default port for mongod and mongose instances. It is a security risk to expose DB port to the public internet even though they are on a secure socket layer. Anyone on the internet can run port scanning tools, determine the open ports and launch specific attacks. It is a best practice to block public access, restrict access from specific IP addresses to port 27017 and make the connection secure.

  • Recommended Mitigation

    It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.

Need help?

Get a free Security Risk Assessment. Start today

Orca Security Demo Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.