DBMS application user roles should not be assigned unauthorized privileges.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15128 | DG0105-SQLServer9 | SV-24098r1_rule | DCFA-1 | Medium |
| Description |
|---|
| Unauthorized access to the data can lead to loss of confidentiality and integrity of the data. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Database Security Technical Implementation Guide | 2015-04-03 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-23528r1_fix) |
|---|
| Use the grant and revoke commands to assign the authorized privileges as listed in the System Security Plan to custom database application or application user roles. |