V-213917
CAT IISQL Server must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.
- Ships Affected
- 1
- Total Findings
- 5
- Open
- 0
- Closed
- 0
Check Text
Review application behavior and custom database code (stored procedures, triggers), to determine whether error messages contain information beyond what is needed for explaining the issue to general users.
If database error messages contain PII data, sensitive business data, or information useful for identifying the host system or database structure, this is a finding.
Fix Text
Adjust database code to remove any information not required for explaining the error to an end user.
Consider enabling trace flag 3625 to mask certain system-level error information returned to non-administrative users.
Launch SQL Server Configuration Manager >> Click SQL Services >> Open the instance properties >> Click the Service Parameters tab >> Enter "-T3625" >> Click Add >> Click OK >> Restart SQL instance.
STIG Reference
- STIG
- MS SQL Server 2016 Database Security Technical Implementation Guide
- Version
- 3
- Release
- 5
- Rule ID
- SV-213917r961167_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_tempdb_V3R3_20251023-144154.ckl | Unassigned | 2026-01-14T12:57:40.769694 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_msdb_V3R3_20251023-144148.ckl | Unassigned | 2026-01-14T12:57:40.663257 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_model_V3R3_20251023-144128.ckl | Unassigned | 2026-01-14T12:57:40.569961 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_master_V3R3_20251023-144120.ckl | Unassigned | 2026-01-14T12:57:40.470811 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_BEDB_V3R3_20251023-143959.ckl | Unassigned | 2026-01-14T12:57:40.371699 | View in Context |