Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Credentials stored and used by the DBMS to access remote databases or applications should be authorized and restricted to authorized users.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15154 | DG0190-SQLServer9 | SV-24111r1_rule | DCFA-1 | Medium |
| Description |
|---|
| Credentials defined for access to remote databases or applications may provide unauthorized access to additional databases and applications to unauthorized or malicious users. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-04-03 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-14763r1_fix) |
|---|
| Grant access to linked servers to authorized accounts or applications only. Document all linked server access authorizations in the System Security Plan and authorize with the IAO. |