| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-206596 | CAT II | MONT-DB-002 | Database Security Requirements Guide | The DBMS must prohibit user installation of logic ... | - | |||
Check TextIf the DBMS supports only software development, experimentation and/or developer-level testing (that is, excluding production systems, integration testing, stress testing, and user acceptance testing), this is not a finding. Review the DBMS and database security settings with respect to nonadministrative users' ability to create, alter, or replace logic modules, to include but not necessarily only stored procedures, functions, triggers, and views. If any such permissions exist and are not documented and approved, this is a finding. Fix TextDocument and obtain approval for any nonadministrative users who require the ability to create, alter or replace logic modules. Implement the approved permissions. Revoke any unapproved permissions. CommentsThe database server can only be accessed by a privileged user who creates an Afloat Operations Service Desk ticket. Once the Afloat Operations Service Desk confirms the privileged user has the proper credentials, a domain admin account is created for the user and is valid for 14 days. Only MSC-authorized installers with administrator privileges can install DBMS modules. Only database DBA or SSO roles can install or modify logic modules.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||