MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

An XCCDF Rule

Description

<VulnDiscussion>MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-221159r879530_rule
Severity: High
References: CCI-000213
Updated: 9 months ago

Use createRole(), updateRole(), dropRole(), grantRole() statements to add and remove permissions on server-level securables, bringing them into line with the documented requirements.

MongoDB commands for role management can be found here:
https://docs.mongodb.com/v3.4/reference/method/js-role-management/

MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Description

Remediation - Manual Procedure