USNS MONTFORD POINT - Findings

Showing 1 unique vulnerabilities (1 total) (filtered) View Documentation Status (90 tracked)

V-206633 CAT II The DBMS must generate audit records when unsuccessful attem...

1 asset 1 Closed Database Security Re...

Hostname	IP Address	Status	Assigned To	Last Scan	Actions
MONT-DB-002	-			2026-03-06
Finding Details No details recorded. Comments Page 2 of reference document SQL Anywhere 17 - Auditing Options.pdf and SQL Anywhere 17 – Database Activity Audit.pdf specify the types of auditing events captured in the audit log. A setting of ‘all’ includes auditing of unsuccessful permission checks or executions of DDL statements, option changes, triggers, and xp_cmdshell invocations as well as all actions that require system privileges.

Check Text

Review DBMS documentation to verify that authorized administrative users can designate actions as privileged and that audit records can be produced when the DBMS prevents attempted privileged actions. If the DBMS is not capable of this, this is a finding. Review the DBMS/database security and audit configurations to verify that audit records are produced when the DBMS prevents attempted privileged actions. If they are not produced, this is a finding.

Fix Text

Deploy a DBMS capable of producing the required audit records when the DBMS prevents attempted privileged action. Configure the DBMS to produce audit records when the DBMS prevents attempted privileged actions.

Finding Details

Comments

Check Text

Fix Text