MyCERT Advisories


MyCERT Advisories, Alerts and Summaries for the year 2017

MA-643.012017: MyCERT Advisory - MongoDB and Elasticsearch Default Installation without Authentication

Date first published: 17/1/2017
1st revision: 25/1/2017


1.0 Introduction
MyCERT received information regarding unavailability of security authentication in default MongoDB and Elasticsearch installation, thus making it potential to vulnerability and threats. MongoDB is a popular NoSQL database being used in big data and heavy analytics environments. Elasticsearch is a search engine based on Lucene.


2.0 Impact
The impact of not having proper security authentication, a remote attacker can access to the database system including create, read, update, and delete documents, collections, and databases. The attacker has also possible access to sensitive or confidential information of the database.

3.0 Affected Products
 All MongoDB and Elasticsearch versions with default installation and weak password.

4.0 Recommendations
 MyCERT highly recommends users of this application to enable security authentication, implement strong password and restrict access to the MongoDB and Elasticsearch service.

Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practices and security policies to determine the necessary updates that should be in place.

For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999@cybersecurity.my or mycert@mycert.org.my
Phone: 1-300-88-2999 (monitored during business hours)

Fax: +603 89453442 

Mobile: +60 19 2665850 (24x7 call incident reporting)

SMS: CYBER999 REPORT EMAIL COMPLAINT to 15888

Business Hours: Mon - Fri 09:00 AM - 18:00 PM MYT

Web: http://www.mycert.org.my
Cyber999 Mobile Apps: IOS Users or Android Users


5.0 References