The DBMS must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-265943 | SRG-APP-000383-DB-000364 | MD7X-00-008000 | SV-265943r1028615_rule | 2024-09-27 | 1 |
| Description |
|---|
| Use of nonsecure network functions, ports, protocols, and services exposes the system to avoidable threats. |
| ℹ️ Check |
|---|
| Review the network functions, ports, protocols, and services supported by the DBMS. If any protocol is prohibited by the PPSM guidance and is enabled, this is a finding. |
| ✔️ Fix |
|---|
| Deploy a DBMS capable of disabling a network function, port, protocol, or service prohibited by the PPSM guidance. Disable each prohibited network function, port, protocol, or service. More information for MongoDB port management can be found at the following link: https://www.mongodb.com/docs/manual/reference/default-mongodb-port/ |