STIGQter: STIG Summary: MongoDB Enterprise Advanced 3.x Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jul 2020:

MongoDB must require users to reauthenticate when organization-defined circumstances or situations require reauthentication.

DISA Rule

SV-96627r1_rule

Vulnerability Number

V-81913

Group Title

SRG-APP-000389-DB-000372

Rule Version

MD3X-00-000700

Severity

CAT II

CCI(s)

CCI-002038 - The organization requires users to reauthenticate upon organization-defined circumstances or situations requiring reauthentication.

Weight

Fix Recommendation

Determine the organization-defined circumstances or situations that require reauthentication and ensure that the mongod and mongos processes are stopped/started (restart).

Check Contents

If organization-defined circumstances or situations require reauthentication, and these situations are not configured to terminate existing logins to require reauthentication, this is a finding.

Vulnerability Number

V-81913

Documentable

False

Rule Version

MD3X-00-000700

Severity Override Guidance

If organization-defined circumstances or situations require reauthentication, and these situations are not configured to terminate existing logins to require reauthentication, this is a finding.

Check Content Reference

Target Key

3265

MongoDB must require users to reauthenticate when organization-defined circumstances or situations require reauthentication.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments