Our Security and Network team want to Upgrade Splunk MongoD due to vulnerability cases.
in my own knowledge: Mongod as an underlying component of KVStore can be upgraded separately but may encounter an issue after.
Also, this component will upgrade along with Splunk Enterprise Upgrade.
Is it advisable to upgrade alone or should we upgrade Splunk?
As you suspected, its not possible to update the MongoDB. You need to upgrade Splunk.