-
Type: Investigation
-
Resolution: Done
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: None
-
None
-
Not Needed
Changes to collstats command, slow query log, profiler, currentOp command, top command, and $planCacheStats aggregation stage by omitting or redacting information. See scope for details
Description of Linked Ticket
Summary
Enhance MongoDB redaction to reduce QE leakage
Motivation
Attackers may or may not be able to learn information about customers data or queries from diagnostic information recorded by MongoDB. Information sources that we are concerned about include the profiler, the slow query information in the log file, currentOp command, the top command, auditing and FTDC.
Documentation
- related to
-
COMPASS-6593 Add an indicator to the performance tab stating information on collections with queryable encryption is not available
- Closed
-
MONGOSH-1403 Ensure `collStats` and `currentOp` command and stage result handling permits missing information
- Closed