JetBackup 4 has reached end-of-life as of July 1st, 2024. Because JetBackup 4 is end-of-life, no further updates or support can be provided for this product. This guidance is provided solely as a short-term mitigation for MongoDB CVE-2025-14847. It does not constitute endorsement or support for EOL software, and upgrading to JetBackup 5 on a supported Operating System remains the recommended path. For more information on how to upgrade to JetBackup 5, please visit: JetBackup 4 EOL Announcement.
JetBackup v5.3.18.1+, v5.3.19.1+ and v5.3.12.1 (CentOS 7 Only) already include the patched MongoDB version and do not require further action. This article is only intended for JetBackup 4 users.
JetBackup 4 MongoDB installations are restricted to local connections only, and do not use the vulnerable networkMessageCompressors setting. However, MongoDB recommends immediate action to mitigate the vulnerability either by upgrading to a patched version or, if patching is not immediately possible, disabling zlib compression.
While we do not advise the use of JetBackup 4 past its EOL date, this article will ensure your JetBackup 4 installation applies MongoDB's official remediations.
Mitigation Option 1: Remove JetBackup 4, and install JetBackup 5 (Recommended)
We strongly recommend removing JetBackup 4 and installing JetBackup 5 v5.3.12.1 instead, which includes the patched MongoDB 4.4.30 dependency. JetBackup 4 is EOL and is not receiving any further updates or support. If you'd like information on migrating your settings, use the JB4 to JB5 Migration Guide here BEFORE following the instructions below.
Before starting, please check the links below:
- If you want to keep your current configurations, check the guide here: https://docs.jetbackup.com/v5.3/adminpanel/Resources/migrationguide.html
- If you want options for migrating to a JB5-supported OS so you receive the latest updates and support, we have several options to migrate here: https://blog.jetbackup.com/jetbackup4-eol/
1. Remove JetBackup 4:
NOTE: This will remove your existing configurations unless you follow one of the guides above!
yum remove jetbackup jetbackup-core jetguzzle* 2. Now, Install JetBackup v5.3.12.1 (the last version for CentOS 7):
jetapps --install jetbackup5-cpanel stable3. Verifying the Installation
Run the command below. If you see jetmongod-4.4.30.0 or newer, your MongoDB is using the patched version and not vulnerable.
[root@server4 ~]# yum info jetmongod
<snipped>
Installed Packages
Name : jetmongod
Arch : x86_64
Version : 4.4.30.0
Release : 2
Size : 213 M
Repo : installed
From repo : jetapps
Summary : Mongodb
URL : http://www.jetapps.com
License : GNU-AGPL-3.0 AND MPL-2
Description : Jet Package - mongodb noSQL databaseMitigation Option 2: Disable Network Compressors
THIS IS A TEMPORARY MITIGATION FOR MONGO CVE-2025-14847 ONLY AND NOT A REPLACEMENT FOR UPGRADING FROM EOL SOFTWARE.
If you cannot immediately upgrade, to ensure your MongoDB installation applies the recommendations from MongoDB.org, you must explicitly disable network compression by making the following changes in mongod.conf:
1. Edit the /usr/local/jetapps/etc/mongod.conf file:
THE FORMAT (INDENTS) OF THE CONFIG FILE MUST BE CORRECT IN ORDER FOR THE JETMONGOD SERVICE TO START PROPERLY
# Add compression explicitly disabled to "net" options group
# network interfaces
net:
compression:
compressors: disabled
port: 27217
bindIp: 127.0.0.1 # Listen to local interface only
2. Then, restart jetmongod:
service jetmongod restart
3. Verify Network Compressors are disabled by running the command below:
source /usr/local/jetapps/etc/.mongod.auth ; /usr/local/jetapps/usr/bin/mongosh mongodb://127.0.0.1:$PORT -u $USER -p $PASS --authenticationDatabase admin --eval 'db.adminCommand({ getCmdLineOpts: 1 })'Network Compressors are disabled when the output includes `compression: { compressors: 'disabled' }`
parsed: {
command: [ 'run' ],
config: '/usr/local/jetapps/etc/mongod.conf',
net: {
bindIp: '127.0.0.1',
compression: { compressors: 'disabled' },
port: 27217
},
If you have further questions, please do not hesitate to reach out to our Support Team!
