V-206596
CAT IIThe DBMS must prohibit user installation of logic modules (stored procedures, functions, triggers, views, etc.) without explicit privileged status.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
If the DBMS supports only software development, experimentation and/or developer-level testing (that is, excluding production systems, integration testing, stress testing, and user acceptance testing), this is not a finding.
Review the DBMS and database security settings with respect to nonadministrative users' ability to create, alter, or replace logic modules, to include but not necessarily only stored procedures, functions, triggers, and views.
If any such permissions exist and are not documented and approved, this is a finding.
Fix Text
Document and obtain approval for any nonadministrative users who require the ability to create, alter or replace logic modules.
Implement the approved permissions. Revoke any unapproved permissions.
STIG Reference
- STIG
- Database Security Requirements Guide
- Version
- 4
- Release
- 5
- Rule ID
- SV-206596r981956_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | Montford Point ShipCLIP DB V4R4.ckl | Unassigned | 2026-03-06T12:50:21.809591 | View in Context |