| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-206557 | CAT I | MONT-DB-002 | Database Security Requirements Guide | If passwords are used for authentication, the DBMS... | - | |||
Check TextReview configuration settings for encrypting passwords in transit across the network. If passwords are not encrypted, this is a finding. If it is determined that passwords are passed unencrypted at any point along the transmission path between the source and destination, this is a finding. Fix TextConfigure encryption for transmission of passwords across the network. If the database does not provide encryption for logon events natively, employ encryption at the OS or network level. Ensure passwords remain encrypted from source to destination. CommentsDatabase or application connections transmit data using TLS in-transit encryption which includes the encrypted representations of passwords. In-transit encryption is configured in the smisdbs17-E.cfg file using the -ec option and specifying the identity path+filename of the obfuscated TLS configuration file.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||