| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-206579 | CAT II | MONT-DB-002 | Database Security Requirements Guide | The DBMS must reveal detailed error messages only ... | - | |||
Check TextCheck DBMS settings and custom database code to determine if detailed error messages are ever displayed to unauthorized individuals. If detailed error messages are displayed to individuals not authorized to view them, this is a finding. Fix TextConfigure DBMS settings, custom database code, and associated application code not to display detailed error messages to those not authorized to view them. CommentsNon-privileged users do not have direct access to the DBMS where database error messages are displayed. Only Administrative users can see the error messages in the DBMS. The database server can only be accessed by a privileged user, who creates an Afloat Operations Service Desk ticket. Once the Afloat Operations Service Desk confirms the privileged user has the proper credentials, a domain admin account is created for the user and is valid for 14 days. Installer accounts are created and sent from shore.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||