| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-263613 | CAT II | MONT-DB-002 | Database Security Requirements Guide | The DBMS must, for password-based authentication, ... | - | |||
Check TextVerify the DBMS is configured to verify when users create or update passwords, that the passwords are not found on the list of commonly-used, expected, or compromised passwords in IA-5 (1) (a). If the DBMS is not configured to verify when users create or update passwords, that the passwords are not found on the list of commonly-used, expected, or compromised passwords in IA-5 (1) (a), this is a finding. Fix TextConfigure the DBMS to verify when users create or update passwords, that the passwords are not found on the list of commonly-used, expected, or compromised passwords in IA-5 (1) (a). CommentsBased on DOD password criteria, the minimum 15-character length, the use of 2 special, 2 upper-case and 2 lower-case characters required for login eliminate commonly used passwords.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||