Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-32246 | SRG-APP-000063-DB-000023 | SV-42563r1_rule | | Medium |
Description |
---|
Default accounts are usually accounts that have special privileges required to administer the database. Well-known DBMS account names are targeted most frequently by attackers and are thus more prone to providing unauthorized access to the database. If default account names are not changed, an attacker has a predefined list of accounts to target. Since most default accounts are administrative in nature, the compromise of a default account can have catastrophic consequences, including the complete loss of control over the information system. |
STIG | Date |
---|---|
Database Security Requirements Guide | 2012-07-02 |
Check Text (C-40755r1_chk) |
---|
Review the list of default account names provided by the DBMS. The list may be provided in vendor documentation or obtained using Internet resources. If default account names exist, this is a finding. |
Fix Text (F-36170r1_fix) |
---|
Modify default DBMS accounts to use custom account names. |