file-mongodb-audit-log-disabled: MongoDB Audit Logging Disabled

日期: 2025-08-01 | 影响软件: MongoDB | POC: 已公开

漏洞描述

Ensures MongoDB audit logging is enabled.

PoC代码[已公开]

id: file-mongodb-audit-log-disabled

info:
  name: MongoDB Audit Logging Disabled
  author: pussycat0x
  severity: high
  description: |
    Ensures MongoDB audit logging is enabled.
  remediation: |
    Set 'auditLog.destination: file' and specify 'path' in /etc/mongod.conf.
  reference:
    - https://wiki.devsecopsguides.com/docs/checklists/mongodb/
    - https://www.mongodb.com/docs/manual/tutorial/configure-audit-filters/
  metadata:
    verified: true
  tags: mongodb,audit,file,hardening

file:
  - extensions:
      - conf

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "storage"
          - "operationProfiling"
        condition: and

      - type: word
        words:
          - "#auditLog:"
        negative: true
# digest: 4b0a00483046022100a4be753f2dc7c1f5c4b18050de59a9a32dc957c481069498f17be2ae183ac352022100f8541ba8aa5f2bff0d8fcaac9815ee649d1ef65fbbea50890d69290510cd0843:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./file/audit/mongodb/file-mongodb-audit-log-disabled.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐