V-206544
CAT IIThe DBMS must limit privileges to change software modules, to include stored procedures, functions and triggers, and links to software external to the DBMS.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Review monitoring procedures and implementation evidence to verify monitoring of changes to database software libraries, related applications, and configuration files is done.
Verify the list of files, directories, and database application objects (procedures, functions, and triggers) being monitored is complete.
If monitoring does not occur or is not complete, this is a finding.
Fix Text
Implement procedures to monitor for unauthorized changes to DBMS software libraries, related software application libraries, and configuration files. If a third-party automated tool is not employed, an automated job that reports file information on the directories and files of interest and compares them to the baseline report for the same will meet the requirement.
Use file hashes or checksums for comparisons, as file dates may be manipulated by malicious users.
STIG Reference
- STIG
- Database Security Requirements Guide
- Version
- 4
- Release
- 5
- Rule ID
- SV-206544r960960_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | Montford Point ShipCLIP DB V4R4.ckl | Unassigned | 2026-03-06T12:50:21.809591 | View in Context |