Network misconfigurations

Elastic Load Balancer (ELB) allows ingress access to MongoDB port 27017

Platform(s)
Compliance Frameworks

CCPA, Data Security Posture Management (DSPM) Best Practices, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, Orca Best Practices, UK Cyber Essentials

Description

Port 27017 is the default port for mongod and mongos instances. Exposing a database port to the public internet is a security risk even when the connection is protected with SSL/TLS. Anyone on the internet can run port-scanning tools, discover the open port and launch attacks specific to the service. It is a best practice to block public access, allow access to port 27017 only from specific IP addresses and secure the connection.
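The check below is an added example, not part of this page or of any vendor's scanner. It walks security groups attached to load balancers and reports every ingress rule that lets the whole internet (0.0.0.0/0 or ::/0) reach port 27017, including catch-all "all traffic" rules; a rule restricted to a private CIDR passes. The dictionary shapes are modelled on the fields returned by the AWS `describe_security_groups` and `describe_load_balancers` APIs, but all of the sample data here is constructed, and the function names are this example's own.

```python
"""Flag load balancer security groups that expose MongoDB port 27017 publicly."""
from typing import Dict, List, Tuple

MONGODB_PORT = 27017
PUBLIC_CIDRS = {"0.0.0.0/0", "::/0"}


def rule_covers_port(rule: Dict, port: int) -> bool:
    """True if an ingress rule reaches the given TCP port (including 'all traffic' rules)."""
    proto = rule.get("IpProtocol")
    if proto == "-1":           # -1 means every protocol and every port
        return True
    if proto != "tcp":
        return False
    return rule["FromPort"] <= port <= rule["ToPort"]


def public_sources(rule: Dict) -> List[str]:
    """Return the IPv4/IPv6 source ranges of a rule that are open to the whole internet."""
    sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [s for s in sources if s in PUBLIC_CIDRS]


def find_public_mongodb_exposure(load_balancers: List[Dict],
                                 security_groups: List[Dict]) -> List[Tuple[str, str, str]]:
    """Return (load balancer name, security group id, public CIDR) for each exposing rule."""
    sg_by_id = {sg["GroupId"]: sg for sg in security_groups}
    findings = []
    for lb in load_balancers:
        for sg_id in lb.get("SecurityGroups", []):
            sg = sg_by_id.get(sg_id)
            if sg is None:
                continue
            for rule in sg.get("IpPermissions", []):
                if not rule_covers_port(rule, MONGODB_PORT):
                    continue
                for cidr in public_sources(rule):
                    findings.append((lb["LoadBalancerName"], sg_id, cidr))
    return findings


# Constructed sample data: one weak group, one catch-all group, one corrected group.
SECURITY_GROUPS = [
    {"GroupId": "sg-weak", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 27017, "ToPort": 27017,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-allports", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-fixed", "IpPermissions": [
        # Corrected rule: 27017 reachable only from an internal network range.
        {"IpProtocol": "tcp", "FromPort": 27017, "ToPort": 27017,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []},
        # Public HTTPS is unrelated to the finding and must not be reported.
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
]
LOAD_BALANCERS = [
    {"LoadBalancerName": "public-elb", "SecurityGroups": ["sg-weak", "sg-allports"]},
    {"LoadBalancerName": "internal-elb", "SecurityGroups": ["sg-fixed"]},
]

if __name__ == "__main__":
    for lb_name, sg_id, cidr in find_public_mongodb_exposure(LOAD_BALANCERS, SECURITY_GROUPS):
        print(f"{lb_name}: {sg_id} allows {cidr} to reach port {MONGODB_PORT}")
```

Against the sample data the check reports both rules on `public-elb` and nothing for `internal-elb`, which is the shape of the remediation the description asks for: the same port stays open, but only to the named source range.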