Security Vulnerability Scan of MongoDB

  • 27 April 2021
  • 1 reply

Badge +3


My Technical Security Team want to run a vulnerability scan of the MongoDB on several of my Commvault servers. They need some form of credentialed access into these databases? Is this possible or are the MongoDBs purely for internal Commvault use?




Best answer by Christian Negron 27 April 2021, 18:59

View original

1 reply

Userlevel 2
Badge +4

Hello Fergus,


The MongoDB configured on the Commserve/Web Servers is accessed using a Commvault back end account. These credentials are stored in the registry and Commserve database.


Commvault Support can decrypt the credentials if required. However, this would need a Support ticket to be created so an engineer may assist. 


>As an additional note, you can configure Mongo to use TLS/SSL for secured access (if required by your security team)



Please let me know if you find this information helpful. If you have any further questions or concerns, I would be more than happy to assist.