Documentation - V-265922

V-265922

MongoDB Enterprise Advanced 7.x Security Technical Implementation Guide

CAT I

Title

MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.

Description

<VulnDiscussion>Use of weak or not validated cryptographic algorithms undermines the purposes of using encryption and digital signatures to protect data. Weak algorithms can be easily broken and not validated cryptographic modules may not implement algorithms correctly. Unapproved cryptographic modules or algorithms should not be relied on for authentication, confidentiality, or integrity. Weak cryptography could allow an attacker to gain access to and modify data stored in the database as well ...

Fix Text (Documentation Requirement)

Enable FIPS mode for MongoDB Enterprise. Edit the MongoDB database configuration file (default location: /etc/mongod.conf) to contain the following parameter setting: net: tls: FIPSMode: true Restart the MongoDB service from the OS. $ sudo systemctl restart mongod For the operating system finding, refer to the appropriate operating system documentation for the procedure to install, configure, and test FIPS mode.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel