Network misconfigurations

Azure virtual machine allows direct access to MongoDB service from the Internet

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

MongoDB is using 27017, 27018 and 27019 ports for mongod daemon when running. whose ports are open on your virtual machine and allows all incoming traffic from the Internet. In order to keep security best practices, you should restrict access to be only from allowed IP addresses.
  • Recommended Mitigation

    Configure networking rule to allow incoming MongoDB traffic from allowed IP addresses only.