CRE-2025-0126

MongoDB Replica Set Primary Election FailureHigh

Impact: 10/10

Mitigation: 7/10

CRE-2025-0126View on GitHub

High AvailabilityQuorumLeader ElectionNetworkTimeoutCrashData Loss

Description

Detects high-severity MongoDB replica set primary election failures that result in no primary node being available,\ncausing complete service unavailability. This rule targets catastrophic conditions that break replica set consensus:\n - Primary node failures followed by election timeouts where no secondary can become primary\n - Network partitions isolating replica set members and preventing quorum formation\n - Heartbeat failures and connectivity issues leading to election failures\n - Replica set state transitions indicating election problems\n

Mitigation

PREVENTION:\n - Monitor replica set member health and network connectivity\n - Set appropriate election timeout values for network conditions\n - Ensure sufficient replica set members for quorum formation\n - Monitor resource usage (CPU, memory, disk) on all nodes\nRESPONSE:\n - Check replica set status: rs.status()\n - Restart failed replica set members\n - Reconnect isolated network segments\n - Force replica set reconfiguration if needed\n - Consider adding additional replica set members\n

References

• https://docs.mongodb.com/manual/core/replica-set-elections/
• https://docs.mongodb.com/manual/tutorial/troubleshoot-replica-sets/
• https://docs.mongodb.com/manual/core/replica-set-high-availability/