MongoDB, Memcache, and ElasticSearch exposed with insecure default settings

critical

securityUpdated Jul 2, 2021(via Exa)

Sources

System Misconfigurations Can Put Your Data at Risktenable.com

Technologies:

Tenablesubject

MongoDBThe root cause of this issue originates in MongoDB

MemcachedThe root cause of this issue originates in Memcached

ElasticsearchThe root cause of this issue originates in Elasticsearch

How to detect:

MongoDB, Memcache, and ElasticSearch instances running with default configurations that are not intended to be secure, responding to internet scans. Hundreds of thousands of servers exposed, delivering over a terabyte of accessible data.

Recommended action:

Scan for internet-exposed MongoDB, Memcache, and ElasticSearch instances. Review vendor security documentation for each application and harden default configurations. Block direct internet access to database and cache service ports. Implement authentication and network-level access controls before production deployment.