| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-206543 | CAT II | MONT-DB-002 | Database Security Requirements Guide | The DBMS must protect its audit features from unau... | - | |||
Check TextReview the access permissions to tools used to view or modify audit log data. These tools may include features within the DBMS itself or software external to the database. If appropriate permissions and access controls to prevent unauthorized removal are not applied to these tools, this is a finding. Fix TextApply or modify access controls and permissions (both within the DBMS and in the file system/operating system) to tools used to view or modify audit log data. Ensure that tools may be removed by authorized personnel only. CommentsThe database server can only be accessed by a privileged user who creates an Afloat Operations Service Desk ticket. Once the Afloat Operations Service Desk confirms the privileged user has the proper credentials, a domain admin account is created for the user and is valid for 14 days. The Audit log is generated in directory E:\IBSDatabaseAuditFiles\Logs\ShipCLIP, is in a non-human readable format, and can only be translated by the dbmanageetd tool located on the database server. The dbmanageetd tool does not have an option to delete the original audit log.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||