V-206567
CAT IIThe DBMS must maintain the authenticity of communications sessions by guarding against man-in-the-middle attacks that guess at Session ID values.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Review DBMS vendor documentation and system behavior (and if necessary, consult vendor representatives) to determine whether the DBMS can provide demonstrably effective protection against man-in-the-middle attacks that guess at session identifier values.
If not, this is a finding.
Review DBMS settings to determine whether protections against man-in-the-middle attacks that guess at session identifier values are enabled.
If they are not, this is a finding.
Fix Text
Utilize a DBMS product that can provide demonstrably effective protection against man-in-the-middle attacks that guess at session identifier values.
Configure DBMS settings to enable protections against man-in-the-middle attacks that guess at session identifier values.
STIG Reference
- STIG
- Database Security Requirements Guide
- Version
- 4
- Release
- 5
- Rule ID
- SV-206567r1043181_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | Montford Point ShipCLIP DB V4R4.ckl | Unassigned | 2026-03-06T12:50:21.809591 | View in Context |