V-206565
CAT IIThe DBMS must invalidate session identifiers upon user logout or other session termination.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Review DBMS settings and vendor documentation to verify user sessions are terminated, and session identifiers invalidated, upon user logout. If they are not, this is a finding.
Review system documentation and organization policy to identify other events that should result in session terminations.
If other session termination events are defined, review DBMS settings to verify occurrences of these events would cause session termination, invalidating the session identifiers.
If occurrences of defined session terminating events do not cause session terminations, invalidating the session identifiers, this is a finding.
Fix Text
Configure DBMS settings to terminate sessions, invalidating their session identifiers, upon user logout.
Configure DBMS settings to terminate sessions, invalidating their session identifiers, upon the occurrence of any organization- or policy-defined session termination event.
STIG Reference
- STIG
- Database Security Requirements Guide
- Version
- 4
- Release
- 5
- Rule ID
- SV-206565r1043179_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | Montford Point ShipCLIP DB V4R4.ckl | Unassigned | 2026-03-06T12:50:21.809591 | View in Context |