Last Modified at 1:15PM CT, February 19, 2015

Latest details from BMC


Recent research published by three students at Saarland University in Germany shows that a large number of MongoDB databases all over the globe have been misconfigured; this allows unauthenticated remote access to sensitive information.


BMC Software’s Application Security team has investigated the impact that the MongoDB security configuration vulnerability (described here) has on the security posture of BMC products and services.


The products below ship with a MongoDB database and if configured incorrectly might be vulnerable to the attacks described above. We recommend that our customers take the necessary steps to configure their MongoDB deployments securely as documented in the MongoDB manuals.

Products which include MongoDBRemediation / Patching
See this support article for instructions on configuring MongoDB in a secure fashion.