| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-206539 | CAT II | MONT-DB-002 | Database Security Requirements Guide | The audit information produced by the DBMS must be... | - | |||
Check TextReview locations of audit logs, both internal to the database and database audit logs located at the operating system level. Verify there are appropriate controls and permissions to protect the audit information from unauthorized modification. If appropriate controls and permissions do not exist, this is a finding. Fix TextApply controls and modify permissions to protect database audit log data from unauthorized modification, whether stored in the database itself or at the OS level. CommentsThe database server can only be accessed by a privileged user who creates an Afloat Operations Service Desk ticket. Once the Afloat Operations Service Desk confirms the privileged user has the proper credentials, a domain admin account is created for the user and is valid for 14 days. The Audit log is generated in directory E:\IBSDatabaseAuditFiles\Logs\ShipCLIP, is in a non-human readable format, and can only be translated by the dbmanageetd tool located on the database server. The dbmanageetd tool cannot make modifications to the original audit log, but only produces an XML translation of the original audit log. Any modifications to the audit log will produce an error when the dbmanageetd tool tries to perform the translation.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||