Detections
Analytics

MD7X-00-009100 When updates are applied to MongoDB software, any software components that have been replaced or made unnecessary must be removed.

Information

Previous versions of DBMS components that are not removed from the information system after updates have been installed may be exploited by adversaries.

Some DBMSs' installation tools may remove older versions of software automatically from the information system. In other cases, manual review and removal will be required. In planning installations and upgrades, organizations must include steps (automated, manual, or both) to identify and remove the outdated modules.

A transition period may be necessary when both the old and the new software are required. This should be taken into account in the planning.

Solution

It is recommended to use the official installation packages provided by MongoDB. In the event the software was installed manually and permissions need to be restricted, consider a clean reinstallation.

Review this organizational or site-specific document to determine how and where MongoDB is to be installed on the system. Using this documentation, verify that MongoDB has been installed on the system prior to upgrading.

To verify the version of MongoDB Enterprise Server, run the following command in the directory where the MongoDB executable binary has been placed according to the organizational or site-specific documentation.

> cd <mongod binary directory>
> ./mongod --version

The output will show the version and architecture of the MongoDB Server binary similar to the following:

mongod --version
db version v7.0.8
Build Info: {
 "version": "7.0.8",
 "gitVersion": "c5d33e55ba38d98e2f48765ec4e55338d67a4a64",
 "openSSLVersion": "OpenSSL 1.1.1k FIPS 25 Mar 2021",
 "modules": [
 "enterprise"
 ],
 "allocator": "tcmalloc",
 "environment": {
 "distmod": "rhel80",
 "distarch": "x86_64",
 "target_arch": "x86_64"
 }
}

Verify that the version desired (what the upgraded version should be) matches what is shown in the output.

If the version is not what is expected, then remove the mongod binary from the system to prevent it from being used and consult the organizational or site-specific documents for further guidance.

Run the following commands as an operating system administrator to remove the MongoDB Enterprise Server binary from the system:

> cd <mongod binary directory>
> rm ./mongod

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MongoDB_Enterprise_Advanced_7-x_V1R1_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-2(6), CAT|II, CCI|CCI-002617, Rule-ID|SV-265951r1028639_rule, STIG-ID|MD7X-00-009100, Vuln-ID|V-265951

Plugin: Unix

Control ID: a6561bba4725f03afe95263468678a8f8ccdf4367502efbb4e9ccc5f62a3d449