Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

java - Does Spring Mongo expose endpoints for collections by default?

I'm up against a wall here. We had a data breach and I'm trying to figure out how it happened...

We use Spring deployed via a Docker image on a major cloud provider. Earlier today someone was able to hit an endpoint that pointed directly at our Mongo collection... There is no controller to allow this and there is no annotation to allow an endpoint to be created. I decompiled the running application looking for these things and there are none. My only idea is there's a proxy above the app somewhere pointing to our Mongo...

Does ANYONE have any ideas as to how this can occur? Running the app locally against the same DB does not work... Some higher-ups decided (rightly so) to terminate the whole system until we figure out what's going on... Fortunately this is a legacy system and it doesn't really affect anything.

Question from: https://stackoverflow.com/questions/65839540/does-spring-mongo-expose-endpoints-for-collections-by-default


1 Answer

I found the culprit. Someone had added the package: <artifactId>spring-boot-starter-data-rest</artifactId> which is exactly what that does... smh.
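
A build-time check for the situation this answer describes, as an added example that is not part of the original post: with Spring Data REST on the classpath, public repository interfaces are exported over HTTP by default unless they are marked `exported = false`. The Python sketch below flags the dependency in a `pom.xml` and lists repository interfaces without that opt-out; the sample POM, the sample Java source and all function names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Artifacts that put Spring Data REST on the classpath when declared directly.
DATA_REST_ARTIFACTS = {"spring-boot-starter-data-rest", "spring-data-rest-webmvc"}
# Optional annotations, then an interface extending some *Repository type.
REPO_DECL = re.compile(
    r"((?:@\w+(?:\([^)]*\))?\s*)*)"
    r"(?:public\s+)?interface\s+(\w+)\s+extends\s+[^{]*\b\w*Repository\b")
NOT_EXPORTED = re.compile(r"@(?:Repository)?RestResource\([^)]*exported\s*=\s*false")

# Constructed sample inputs (not from the original post).
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <dependencies>
    <dependency><groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-data-mongodb</artifactId></dependency>
    <dependency><groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-data-rest</artifactId></dependency>
  </dependencies>
</project>"""
SAMPLE_JAVA = """
public interface CustomerRepository extends MongoRepository<Customer, String> {}

@RepositoryRestResource(exported = false)
public interface AuditRepository extends MongoRepository<Audit, String> {}
"""


def data_rest_dependencies(pom_xml: str) -> list[str]:
    """Return Spring Data REST artifactIds declared anywhere in a pom.xml string."""
    found = []
    for el in ET.fromstring(pom_xml).iter():
        tag = el.tag.rsplit("}", 1)[-1]  # drop the Maven XML namespace, if any
        text = (el.text or "").strip()
        if tag == "artifactId" and text in DATA_REST_ARTIFACTS:
            found.append(text)
    return found


def exported_repositories(java_source: str) -> list[str]:
    """Return repository interfaces lacking an explicit exported = false."""
    return [m.group(2) for m in REPO_DECL.finditer(java_source)
            if not NOT_EXPORTED.search(m.group(1))]


if __name__ == "__main__":
    if data_rest_dependencies(SAMPLE_POM):
        for name in exported_repositories(SAMPLE_JAVA):
            print(f"{name}: served over HTTP by Spring Data REST defaults")
```

Scanning `pom.xml` only catches direct declarations; a dependency pulled in transitively needs the resolved tree (for example the output of `mvn dependency:tree`) checked for the same artifact names.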

