1.1 Ensure the appropriate MongoDB software version/patches are installed

Information

The MongoDB installation version, along with the patch level, should be the most recent that is compatible with the organization's operational needs.

Rationale:

Using the most recent MongoDB software version along with all applicable patches helps limit the possibilities for vulnerabilities in the software. The installation version and/or patches applied should be selected according to the needs of the organization. At minimum, the software version should be supported.

Note that as of June 2017, only MongoDB versions 3.0/3.2/3.4 are still supported.
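An added example, not part of the benchmark text: a shell check for this control that parses `mongod --version` output and tests it against the supported series listed above and against an organization-approved target version. The function names, the approved-version parameter and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the benchmark text.
# Release series this page lists as supported as of June 2017.
SUPPORTED_SERIES="3.0 3.2 3.4"

# Pull X.Y.Z out of `mongod --version` output ("db version vX.Y.Z ...").
parse_db_version() {
    printf '%s\n' "$1" |
        sed -n 's/^db version v\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' |
        head -n 1
}

# Succeeds when the X.Y series of version $1 is in SUPPORTED_SERIES.
series_supported() {
    series=$(printf '%s' "$1" | cut -d. -f1,2)
    for s in $SUPPORTED_SERIES; do
        if [ "$s" = "$series" ]; then return 0; fi
    done
    return 1
}

# Succeeds when version $1 sorts strictly before version $2 (numeric per field).
version_lt() {
    if [ "$1" = "$2" ]; then return 1; fi
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)
    [ "$lowest" = "$1" ]
}

# audit_mongod VERSION_OUTPUT APPROVED_VERSION -> prints one PASS/FAIL line.
# APPROVED_VERSION is the organization's chosen target (an assumption here).
audit_mongod() {
    installed=$(parse_db_version "$1")
    if [ -z "$installed" ]; then
        echo "FAIL: no version found in output"
    elif ! series_supported "$installed"; then
        echo "FAIL: $installed is in an unsupported release series"
    elif version_lt "$installed" "$2"; then
        echo "FAIL: $installed is older than approved $2"
    else
        echo "PASS: $installed"
    fi
}

# Constructed sample; on a host, pass "$(mongod --version)" instead.
SAMPLE='db version v3.4.2
git version: <constructed>'
audit_mongod "$SAMPLE" "3.4.5"
```

The comparison is numeric per field, so 3.4.10 is correctly treated as newer than 3.4.5, which a plain string comparison would get wrong.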

Solution

Upgrade to the latest version of the MongoDB software:

1. Back up the data set.

2. Download the binaries for the latest MongoDB revision from the MongoDB Download Page and store the binaries in a temporary location. The binaries download as compressed files that extract to the directory structure used by the MongoDB installation.

3. Shut down the MongoDB instance.

4. Replace the existing MongoDB binaries with the downloaded binaries.

5. Restart the MongoDB instance.

Default Value:

Patches are not installed by default.

See Also

https://workbench.cisecurity.org/files/1725

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7(5), CSCv6|4

Plugin: MongoDB

Control ID: 657bd54aaf092ef8dbda5b73a663da682eb6d1f9d22da84ce8ce08ee9ca76ad3