| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-206559 | CAT I | MONT-DB-002 | Database Security Requirements Guide | The DBMS must enforce authorized access to all PKI... | - | |||
Check TextReview DBMS configuration to determine whether appropriate access controls exist to protect the DBMS's private key(s). If the DMBS’s private key(s) are not stored in a FIPS 140-2 or 140-3 validated cryptographic module, this is a finding. If access to the DBMS’s private key(s) is not restricted to authenticated and authorized users, this is a finding. Fix TextStore all DBMS PKI private keys in a FIPS 140-2 or 140-3 validated cryptographic module. Ensure access to the DBMS PKI private keys is restricted to only authenticated and authorized users. CommentsThe database server can only be accessed by a privileged user, who creates an Afloat Operations Service Desk ticket. Once the Afloat Operations Service Desk confirms the privileged user has the proper credentials, a domain admin account is created for the user and is valid for 14 days. Access to PKI private keys is restricted to privileged users having direct access to the server. Files containing In-transit and at-rest encryption keys are obfuscated. If the keys are modified, the database will not start or be accessible.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||