Elastic Load Balancer (ELB) allows ingress access to mongod (with shardsvr option) default port 27018

Network misconfigurations

Elastic Load Balancer (ELB) allows ingress access to mongod (with shardsvr option) default port 27018

Platform(s)

Compliance Frameworks

CCPA
Data Security Posture Management (DSPM) Best Practices
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
UK Cyber Essentials

Description

Port 27018 is the default port for mongod when running with--shardsvr command-line option or the shardsvr value for the clusterRole setting in a configuration file. It is a security risk to expose a DB port to the public internet even though they are on a secure socket layer. Anyone on the internet can run port scanning tools, determine the open ports and launch specific attacks. It is a best practice to block public access, restrict access from specific IP addresses to port 27018 and make the connection secure.

Elastic Load Balancer (ELB) allows ingress access to mongod (with shardsvr option) default port 27018

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS