V-279331
SV-279331r1179501_rule
CAT III
MongoDB must limit the total number of concurrent connections to the database.
From: MongoDB Enterprise Advanced 8.x Security Technical Implementation Guide (V1R1)
Description
Database management includes the ability to control the number of users and user sessions utilizing a DBMS. Unlimited concurrent connections to the DBMS could allow a successful denial-of-service (DoS) attack by exhausting connection resources, and a system can also fail or be degraded by an overload of legitimate users. Limiting the number of concurrent sessions per user is helpful in reducing these risks.
This requirement addresses concurrent session control for the total number of sessions across all accounts.
(Sessions may also be referred to as connections or logons, which for the purposes of this requirement are synonyms.)
Documentable: false
Check Procedure
MongoDB can limit the total number of connections.
Verify the MongoDB configuration file (default location: /etc/mongod.conf) contains the following:
net:
  maxIncomingConnections: %int%
If this parameter is not present, or the OS is not used to limit connections, this is a finding.
Fix Text
MongoDB can limit the total number of connections served by the mongod process by setting the following in the MongoDB configuration file (default location: /etc/mongod.conf):
net:
  maxIncomingConnections: %int%
Refer to the following documentation:
https://www.mongodb.com/docs/manual/reference/configuration-options/
Products outside of MongoDB can be used to monitor database sessions and limit the maximum number of connections that can be made.
Alternatively, most Unix-like operating systems, including Linux and macOS, provide ways to limit and control the usage of system resources such as threads, files, and network connections on a per-process and per-user basis.
These ulimits prevent single users from using too many system resources.
The following is the MongoDB documentation regarding these user limits: https://www.mongodb.com/docs/manual/reference/ulimit/.
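The following is an added audit helper for the Check Procedure and Fix Text above; it is example code written for this page, not part of the STIG or of MongoDB. It parses the YAML configuration file, locates the top-level net: block, and reports whether an integer maxIncomingConnections value is set inside it. The sample configurations and their values (2000, the paths) are constructed for the demonstration.

```shell
# Audit helper for this rule: an added example, not part of the STIG or of MongoDB.
# It reads the YAML config, finds the top-level "net:" block and looks for an
# indented "maxIncomingConnections: <integer>" inside it. A commented-out line
# does not count. Prints the configured value, or a FINDING message.
check_max_conns() {
  cfg="${1:-/etc/mongod.conf}"
  [ -r "$cfg" ] || { echo "FINDING: cannot read $cfg"; return 1; }
  val=$(awk '
    /^[^ \t#]/ { innet = ($1 == "net:"); next }          # any top-level key
    innet && $1 == "maxIncomingConnections:" { print $2; exit }
  ' "$cfg")
  case "$val" in
    ''|*[!0-9]*) echo "FINDING: net.maxIncomingConnections not set in $cfg"; return 1 ;;
    *)           echo "net.maxIncomingConnections = $val"; return 0 ;;
  esac
}

# Constructed sample configs (assumed values, not from a real deployment).
tmpd=$(mktemp -d)
cat > "$tmpd/compliant.conf" <<'EOF'
storage:
  dbPath: /var/lib/mongo
net:
  port: 27017
  bindIp: 127.0.0.1
  maxIncomingConnections: 2000
security:
  authorization: enabled
EOF
cat > "$tmpd/finding.conf" <<'EOF'
net:
  port: 27017
  # maxIncomingConnections: 2000   <- commented out, so nothing is enforced
security:
  authorization: enabled
EOF

check_max_conns "$tmpd/compliant.conf"          # net.maxIncomingConnections = 2000
check_max_conns "$tmpd/finding.conf" || true    # FINDING: ... not set
```

Run it against the real /etc/mongod.conf by calling check_max_conns with no argument; a non-zero exit status marks a finding for this rule, subject to the OS-level limits the Fix Text allows as an alternative.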
CCI Reference
CCI-000054
Created: 2026-04-07 20:08:22
Last Updated: 2026-04-07 20:08:22