| V-5658 | High | Vendor supported software is evaluated and patched against newly found vulnerabilities. | The version of MS SQL Server must be listed by Microsoft as a supported version. Microsoft discontinues fixes for unsupported versions on reported dates. In order to maintain a secure environment,... |
| V-2461 | High | Extended stored procedure xp_cmdshell should be restricted to authorized accounts. | The xp_cmdshell extended stored procedure allows execution of host executables outside the controls of database access permissions. This access may be exploited by malicious users who have... |
| V-6756 | Medium | Only necessary privileges to the host system should be granted to DBA OS accounts. | Database administration accounts are frequently granted more permissions to the local host system than are necessary. This allows inadvertent or malicious changes to the host operating system. |
| V-15139 | Medium | Plans and procedures for testing DBMS installations, upgrades and patches should be defined and followed prior to production implementation. | Updates and patches to existing software have the intention of improving the security or enhancing or adding features to the product. However, it is unfortunately common that updates or patches... |
| V-3810 | Medium | DBMS authentication should require use of a DoD PKI certificate. | In a properly configured DBMS, access controls defined for data access and DBMS management actions are assigned based on the user identity and job function. Unauthenticated or falsely... |
| V-15133 | Medium | Transaction logs should be periodically reviewed for unauthorized modification of data. | Unauthorized or malicious changes to data compromise the integrity and usefulness of the data. Auditing changes to data supports accountability and non-repudiation. Auditing changes to data may be... |
| V-15134 | Medium | The Integration Services service account should not be assigned excess host system privileges. | Excess privileges can unnecessarily increase the vulnerabilities to a successful attack. If the Integration Service is compromised, the attack can lead to use of the privileges assigned to the... |
| V-15137 | Medium | Error log retention shoud be set to meet log retention policy. | For SQL Server, error logs are used to store system event and system error information. In addition to assisting in correcting system failures or issues that could affect system availability and... |
| V-6767 | Medium | The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable. | DBMS systems that do not follow DoD, vendor and/or public best security practices are vulnerable to related published vulnerabilities. A DoD reference document such as a security technical... |
| V-15646 | Medium | Audit records should contain required information. | Complete forensically valuable data may be unavailable or accountability may be jeopardized when audit records do not contain sufficient information. |
| V-15645 | Medium | Changes to configuration options should be audited. | The default audit trace provides a log of activity and changes primarily related to DBMS configuration options. The default audit trace option does not provide adequate auditing and should be disabled. |
| V-15643 | Medium | Access to DBMS security should be audited. | DBMS security data is useful to malicious users to perpetrate activities that compromise DBMS operations or data integrity. Auditing of access to this data supports forensic and accountability... |
| V-15648 | Medium | Access to the DBMS should be restricted to static, default network ports. | Use of static, default ports helps management of enterprise network device security controls. Use of non-default ports makes tracking and protection of published vulnerabilities to services and... |
| V-15649 | Medium | The DBMS should have configured all applicable settings to use trusted files, functions, features, or other components during startup, shutdown, aborts, or other unplanned interruptions. | The DBMS opens data files and reads configuration files at system startup, system shutdown and during abort recovery efforts. If the DBMS does not verify the trustworthiness of these files, it is... |
| V-15105 | Medium | Unauthorized access to external database objects should be removed from application user roles. | Access to objects stored and/or executed outside of the DBMS security context may provide an avenue of attack to host system resources not controlled by the DBMS. Any access to external resources... |
| V-15107 | Medium | DBMS privileges to restore database data or other DBMS configurations, features or objects should be restricted to authorized DBMS accounts. | Unauthorized restoration of database data, objects, or other configuration or features can result in a loss of data integrity, unauthorized configuration, or other DBMS interruption or compromise. |
| V-15106 | Medium | DBA roles should be periodically monitored to detect assignment of unauthorized or excess privileges. | Excess privilege assignment can lead to intentional or unintentional unauthorized actions. Such actions may compromise the operation or integrity of the DBMS and its data. |
| V-15102 | Medium | Automated notification of suspicious activity detected in the audit trail should be implemented. | Audit record collection may quickly overwhelm storage resources and an auditor's ability to review it in a productive manner. Automated tools can provide the means to manage the audit data... |
| V-15109 | Medium | DBMS production application and data directories should be protected from developers on shared production/development DBMS host systems. | Developer roles should not be assigned DBMS administrative privileges to production DBMS application and data directories. The separation of production and development DBA and developer roles help... |
| V-15108 | Medium | Privileges assigned to developers on shared production and development DBMS hosts and the DBMS should be monitored every three months or more frequently for unauthorized changes. | The developer role does not require Need-to-Know or administrative privileges to production databases. Assigning excess privileges can lead to unauthorized access to sensitive data or compromise... |
| V-2488 | Medium | SQL Server Agent CmdExec or ActiveScripting jobs should be restricted to sysadmins. | SQL Server Agent CmdExec and ActiveScripting subsystems allow the execution of code by the host operating system under the security context. Allow use of these features only to SYSADMINs and use... |
| V-2487 | Medium | SQL Server authentication mode should be set to Windows authentication mode or Mixed mode. | SQL Server authentication does not provide a sufficiently robust password complexity and management capability to meet stringent security requirements. SQL Server allows use of Windows... |
| V-2485 | Medium | Remote access should be disabled if not authorized. | The remote access option determines if connections to and from other Microsoft SQL Servers are allowed. Remote connections are used to support distributed queries and other data access and command... |
| V-15632 | Medium | Use of DBA accounts should be restricted to administrative activities. | Use of privileged accounts for non-administrative purposes puts data at risk of unintended or unauthorized loss, modification or exposure. In particular, DBA accounts if used for... |
| V-5659 | Medium | The latest security patches should be installed. | Maintaining the currency of the software version protects the database from known vulnerabilities. |
| V-15113 | Medium | SQL Server replications agents should be run under separate and dedicated OS accounts. | Use of shared accounts used by replication agents require that all permissions required to support each of the separate replication agent roles (snapshot publication, distribution, log reading,... |
| V-15110 | Medium | Use of the DBMS installation account should be logged. | The DBMS installation account may be used by any authorized user to perform DBMS installation or maintenance. Without logging, accountability for actions attributed to the account is lost. |
| V-15111 | Medium | Use of the DBMS software installation account should be restricted to DBMS software installation, upgrade and maintenance actions. | The DBMS software installation account is granted privileges not required for DBA or other functions. Use of accounts configured with excess privileges may result in unauthorized or unintentional... |
| V-15116 | Medium | The DBMS host platform and other dependent applications should be configured in compliance with applicable STIG requirements. | The security of the data stored in the DBMS is also vulnerable to attacks against the host platform, calling applications, and other application or optional components. |
| V-15119 | Medium | DBMS files critical for DBMS recovery should be stored on RAID or other high-availability storage devices. | DBMS recovery can be adversely affected by hardware storage failure. Impediments to DBMS recovery can have a significant impact on operations. |
| V-15211 | Medium | The SMO and DMO SPs option should be set to disabled if not required. | The SMO and DMO XPs are management object extended stored procedures that provide highly privileged actions that run externally to the DBMS under the security context of the SQL Server service... |
| V-15210 | Medium | The Agent XPs option should be set to disabled if not required. | The Agent XPs are extended stored procedures used by the SQL Server Agent that provide privileged actions that run externally to the DBMS under the security context of the SQL Server Agent service... |
| V-3818 | Medium | Unauthorized database links should not be defined and active. | DBMS links provide a communication and data transfer path definition between two databases that may be used by malicious users to discover and obtain unauthorized access to remote systems.... |
| V-15620 | Medium | OS accounts used to execute external procedures should be assigned minimum privileges. | External applications spawned by the DBMS process may be executed under OS accounts assigned unnecessary privileges that can lead to unauthorized access to OS resources. Unauthorized access to OS... |
| V-15625 | Medium | Recovery procedures and technical system features exist to ensure that recovery is done
in a secure and verifiable manner. | A DBMS may be vulnerable to use of compromised data or other critical files during recovery. Use of compromised files could introduce maliciously altered application code, relaxed security... |
| V-15626 | Medium | Database privileged role assignments should be restricted to IAO-authorized DBMS accounts. | Roles assigned privileges to perform DDL and/or system configuration actions in the database can lead to compromise of any data in the database as well as operation of the DBMS itself. Restrict... |
| V-15627 | Medium | Administrative privileges should be assigned to database accounts via database roles. | Privileges granted outside the role of the administrative user job function are more likely to go unmanaged or without oversight for authorization. Maintenance of privileges using roles defined... |
| V-15628 | Medium | DBMS application users should not be granted administrative privileges to the DBMS. | DBMS privileges to issue other than Database Manipulation Language (DML) commands provide means to affect database object configuration and use of resources. Application users do not require... |
| V-15187 | Medium | Linked server providers should not allow ad hoc access. | Ad hoc access allows undefined access to remote systems. Access to remote systems should be controlled to prevent untrusted data to be executed or uploaded to the local server. |
| V-15186 | Medium | Analysis Services Links From Objects should be disabled if not required. | Analysis Services allows other server instances to link to local analysis services objects. Where not required, enabling of this allowance can unnecessarily expose the database objects to... |
| V-15181 | Medium | Analysis Services user-defined COM functions should be disabled if not required. | Allowing user-defined COM functions can allow unauthorized code access to the Analysis Services instance. Where not required as part of the operational design, allowing user-defined COM functions... |
| V-15180 | Medium | Only authorized users should be granted access to Analysis Services data sources. | Access control applied to data sources controls user access to remotely defined systems using the authentication and authorizations defined for the data source. Unauthorized access to the data... |
| V-15183 | Medium | The Analysis Services ad hoc data mining queries configuration option should be disabled if not required. | SQL Server Ad Hoc distributed queries allow specific functions (OPENROWSET and OPENDATASOURCE) to connect to remote systems without those remote systems being defined within database. Access to... |
| V-15182 | Medium | Replication snapshot folders should be protected from unauthorized access. | Replication snapshot folders contain database data to which only authorized replication accounts require access. Unauthorized access to these folders could compromise data confidentiality and... |
| V-2507 | Medium | Audit trail data should be retained for one year. | Without preservation, a complete discovery of an attack or suspicious activity may not be determined. DBMS audit data also contributes to the complete investigation of unauthorized activity and... |
| V-2500 | Medium | Trace Rollover should be enabled for audit traces that have a maximum trace file size. | The majority of Microsoft SQL Server security auditing is provided by the trace facility. Traces may be created using system stored procedures or with Microsoft SQL Profiler. The trace must be... |
| V-15166 | Medium | Database Engine Ad Hoc distributed queries should be disabled. | Adhoc queries allow undefined access to remote database sources. Access to untrusted databases could result in execution of malicious applications and/or a compromise of local data confidentiality... |
| V-15165 | Medium | Only authorized service broker endpoints should be configured on the server. | Service Broker endpoints expose the database to SQL Server messaging communication access. Where not carefully designed and implemented, messaging communication can unnecessarily expose the... |
| V-5685 | Medium | Required auditing parameters for database auditing should be set. | Auditing provides accountability for changes made to the DBMS configuration or its objects and data. It provides a means to discover suspicious activity and unauthorized changes. Without auditing,... |
| V-5686 | Medium | Audit records should be restricted to authorized individuals. | Audit data is frequently targeted by malicious users as it can provide a means to detect their activity. The protection of the audit trail data is of special concern and requires restrictions to... |
| V-15206 | Medium | Only authorized XML Web Service endpoints should be configured on the server. | XML Web Service endpoints expose the database its data to web service access. Where not carefully designed and implemented, web services can unnecessarily expose the database to additional exploit... |
| V-15204 | Medium | Analysis Services Links to Objects should be disabled if not required. | Analysis Services may make connections to external SQL Server instances. In some cases this may be required for the intended operation, however, where not required, this may introduce unnecessary... |
| V-15169 | Medium | The SQL Server services should not be assigned excessive user rights. | Excessive or unneeded privileges allow for unauthorized actions. When application vulnerabilities are exploited, excessive privileges assigned to the application can lead to unnecessary risk to... |
| V-15201 | Medium | Cross database ownership chaining, if required, should be documented and authorized by the IAO. | Cross database ownership chaining allows permissions to objects to be assigned by users other than the Information Owner. This allows access to objects that are not authorized directly by the... |
| V-15129 | Medium | Backup and recovery procedures should be developed, documented, implemented and periodically tested. | Problems with backup procedures or backup media may not be discovered until after a recovery is needed. Testing and verification of procedures provides the opportunity to discover oversights,... |
| V-2472 | Medium | OLE Automation extended stored procedures should be restricted to sysadmin access. | Extended stored procedures allow SQL Server users to execute functions external to SQL Server. An extended stored procedure is a function within a Windows DLL that can be referenced as a stored... |
| V-2473 | Medium | Registry extended stored procedures should be restricted to sysadmin access. | Extended stored procedures allow SQL Server users to execute functions external to SQL Server. An extended stored procedure is a function within a Windows NT DLL that can be referenced as a stored... |
| V-15198 | Medium | The Web Assistant procedures configuration option should be disabled if not required. | The Web Assistant procedures are used by database applications to create web pages. This capability may easily be abused to send malicious messages to remote users or systems. Disabling its use... |
| V-15619 | Medium | Replication accounts should not be granted DBA privileges. | Replication accounts may be used to access databases defined for the replication architecture. An exploit of a replication on one database could lead to the compromise of any database... |
| V-15618 | Medium | Access to external DBMS executables should be disabled or restricted. | DBMS’s may spawn additional external processes to execute procedures that are defined in the DBMS, but stored in external host files (external procedures). The spawned process used to execute the... |
| V-15615 | Medium | DBA accounts should not be assigned excessive or unauthorized role privileges. | The default DBA privileges typically include all privileges defined for a DBMS. These privileges are required to configure the DBMS and to provide other users access to DBMS objects. However, DBAs... |
| V-15190 | Medium | Analysis Services Security Package List should be disabled if not required. | Analysis Services Security Packages are security applications provided outside of the default Analysis Services installation. The packages may be provided by custom development or commercial... |
| V-15196 | Medium | Only authorized SQL Server proxies should be assigned access to subsystems. | SQL Server subsystems define a set of functionality available for assignment to a SQL Server Agent proxy. These act as privileges to perform certain job tasks. Excess privilege assignment or... |
| V-15197 | Medium | Dedicated accounts should be designated for SQL Server Agent proxies. | SQL Server proxies use to execute specific job functions defined for SQL Server Agent. If proxies share a single account for multiple job functions, least privileges cannot be assigned based on... |
| V-15176 | Medium | SQL Server event forwarding, if enabled, should be operational. | If SQL Server is configured to forward events to an Alerts Management Server that is not available, then no alerts are issued for the server. |
| V-15170 | Medium | SQL Server services should be assigned least privileges on the SQL Server Windows host. | Exploits to SQL Server services may provide access to the host system resources within the security context of the service. Excess privileges assigned to the SQL Services can increase the threat... |
| V-15173 | Medium | Database TRUSTWORTHY status should be authorized and documented or set to off. | The TRUSTWORTHY database setting restricts access to database resources by databases that contain assemblies with the EXTERNAL_ACCESS or UNSAFE permission settings and modules that use... |
| V-15178 | Medium | Replication databases should have authorized db_owner role members. The replication monitor role should have authorized members. | Role privileges required by replication include full privileges to the databases with replicated objects. Restrict replication database db_owner role memberships and the system distribution... |
| V-15179 | Medium | The DBMS should not share a host supporting an independent security service. | The Security Support Structure is a security control function or service provided by an external system or application. An example of this would be a Windows domain controller that provides... |
| V-15127 | Medium | The IAM should review changes to DBA role assignments. | Unauthorized assignment of DBA privileges can lead to a compromise of DBMS integrity. Providing oversight to the authorization and assignment of privileges provides the separation of duty to... |
| V-15608 | Medium | Access to DBMS software files and directories should not be granted to unauthorized users. | The DBMS software libraries contain the executables used by the DBMS to operate. Unauthorized access to the libraries can result in malicious alteration or planting of operational executables.... |
| V-15609 | Medium | Default demonstration and sample database objects and applications should be removed. | Demonstration and sample database objects and applications present publicly known attack points for malicious users. These demonstration and sample objects are meant to provide simple examples of... |
| V-2464 | Medium | Execute stored procedures at startup, if enabled, should have a custom audit trace defined. | The DBMS startup process may be vulnerable to introduction of malicious or unauthorized actions. Any use of automated execution of custom procedures provides an opportunity to deploy unauthorized... |
| V-3336 | Medium | SQL Server Agent email notification usage if enabled should be documented and approved by the IAO. | SQL Mail accepts incoming database commands via email. This can introduce malicious codes or viruses into the SQL server environment. |
| V-3335 | Medium | SQL Mail, SQL Mail Extended Stored Procedures (XPs) and Database Mail XPs are required and enabled. | The SQL Mail, SQL Mail Extended Stored Procedures (XPs) and Database Mail XPs are used by database applications to provide email messages to and from the database. This capability may easily be... |
| V-15141 | Medium | DBMS processes or services should run under custom, dedicated OS accounts. | Shared accounts do not provide separation of duties nor allow for assignment of least privileges for use by database processes and services. Without separation and least privilege, the exploit of... |
| V-4754 | Medium | Database software directories including DBMS configuration files are stored in dedicated directories separate from the host OS and other applications. | Multiple applications can provide a cumulative negative effect. A vulnerability and subsequent exploit to one application can lead to an exploit of other applications sharing the same security... |
| V-15143 | Medium | Database data encryption controls should be configured in accordance with application requirements. | Authorizations may not sufficiently protect access to sensitive data and may require encryption. In some cases, the required encryption may be provided by the application accessing the database.... |
| V-15144 | Medium | Sensitive data is stored in the database and should be identified in the System Security Plan and AIS Functional Architecture documentation. | A DBMS that does not have the correct confidentiality level identified or any confidentiality level assigned stands the chance of not being secured at a level appropriate to the risk it poses. |
| V-15147 | Medium | The DBMS data files, transaction logs and audit files should be stored in dedicated directories or disk partitions separate from software or other application files. | Protection of DBMS data, transaction and audit data files stored by the host operating system is dependent on OS controls. When different applications share the same database process, resource... |
| V-15146 | Medium | The DBMS should not be operated without authorization on a host system supporting other application services. | In the same way that added security layers can provide a cumulative positive effect on security posture, multiple applications can provide a cumulative negative effect. A vulnerability and... |
| V-15148 | Medium | DBMS network communications should comply with PPS usage restrictions. | Non-standard network ports, protocol or services configuration or usage could lead to bypass of network perimeter security controls and protections. |
| V-4758 | Medium | An upgrade/migration plan should be developed to address an unsupported DBMS software version. | Unsupported software versions are not patched by vendors to address newly discovered security versions. An unpatched version is vulnerable to attack. Developing and implementing an upgrade plan... |
| V-3820 | Medium | Production databases should be protected from unauthorized access by developers on shared production/development host systems. | Developers granted elevated database and operating system privileges on systems that support both development and production databases can affect the operation and/or security of the production... |
| V-3821 | Medium | Application user privilege assignment should be reviewed monthly or more frequently to ensure compliance with least privilege and documented policy. | Users granted privileges not required to perform their assigned functions are able to make unauthorized modifications to the production data or database. Monthly or more frequent periodic review... |
| V-3827 | Medium | Audit trail data should be reviewed daily or more frequently. | Review of audit trail data provides a means for detection of unauthorized access or attempted access. Frequent and regularly scheduled reviews ensures that such access is discovered in a timely manner. |
| V-15658 | Medium | The DBMS warning banner does not meet DoD policy requirements. | Without sufficient warning of monitoring and access restrictions of a system, legal prosecution to assign responsibility for unauthorized or malicious access may not succeed. A warning message... |
| V-15154 | Medium | Credentials stored and used by the DBMS to access remote databases or applications should be authorized and restricted to authorized users. | Credentials defined for access to remote databases or applications may provide unauthorized access to additional databases and applications to unauthorized or malicious users. |
| V-15155 | Medium | The SQL Server Agent service account should not be assigned excess user rights. | Excess privileges can unnecessarily increase the vulnerabilities to a successful attack. If the SQL Server Agent service is compromised, the attack can lead to use of the privileges assigned to... |
| V-15153 | Medium | DBMS account passwords should be set to expire every 60 days or more frequently. | Unchanged passwords provide a means for compromised passwords to be used for unauthorized access to DBMS accounts over a long time. |
| V-3833 | Medium | Windows OS DBA group should contain only authorized users. | The host DBA group is assigned permissions to the DBMS system libraries and may also be used to assign DBA privileges within the database. Unauthorized DBA privilege assignment leaves the DBMS... |
| V-3832 | Medium | A Windows OS DBA group should exist. | The DBA job function differs from the host system administrator job function. Without a separate host OS group to assign necessary privileges on the operating system, separation of duties is not... |
| V-3835 | Medium | The SQL Server service should use a least-privileged local or domain user account. | The Windows builtin Administrators group and LocalSystem account are assigned full privileges to the Windows operating system. These privileges are not required by the SQL Server service accounts... |
| V-2427 | Medium | Fixed Server roles should have only authorized users or groups assigned as members. | Fixed server roles provide a mechanism to grant groups of privileges to users. These privilege groupings are defined by the installation or upgrade of the SQL Server software at the discretion of... |
| V-2426 | Medium | C2 Audit mode should be enabled or custom audit traces defined. | The C2 audit mode uses a system-defined trace to collect audit information for MS SQL Server 2000 and higher. It utilizes all security event categories defined within SQL Server, not all of which... |
| V-2423 | Medium | Database software, applications and configuration files should be monitored to discover unauthorized changes. | Unmanaged changes that occur to the database software libraries or configuration can lead to unauthorized or compromised installations. |
| V-2422 | Medium | The DBMS software installation account should be restricted to authorized users. | DBA and other privileged administrative or application owner accounts are granted privileges that allow actions that can have a greater impact on database security and operation. It is especially... |
| V-3806 | Medium | A baseline of database application software should be documented and maintained. | Without maintenance of a baseline of current DBMS application software, monitoring for changes cannot be complete and unauthorized changes to the software can go undetected. Changes to the DBMS... |
| V-3807 | Medium | All applications that access the database should be logged in the audit trail. | Protections and privileges are designed within the database to correspond to access via authorized software. Use of unauthorized software to access the database could indicate an attempt to bypass... |
| V-3803 | Medium | A production DBMS installation should not coexist on the same DBMS host with other, non-production DBMS installations. | Production, development and other non-production DBMS installations have different access and security requirements. Shared production/non-production DBMS installations secured at a... |
| V-15122 | Medium | The database should not be directly accessible from public or unauthorized networks. | Databases often store critical and/or sensitive information used by the organization. For this reason, databases are targeted for attacks by malicious users. Additional protections provided by... |
| V-15121 | Medium | DBMS software libraries should be periodically backed up. | The DBMS application depends upon the availability and integrity of its software libraries. Without backups, compromise or loss of the software libraries can prevent a successful recovery of DBMS... |
| V-15120 | Medium | DBMS backup and restoration files should be protected from unauthorized access. | Lost or compromised DBMS backup and restoration files may lead to not only the loss of data, but also the unauthorized access to sensitive data. Backup files need the same protections against... |
| V-3808 | Medium | Database job/batch queues should be reviewed regularly to detect unauthorized database job submissions. | Unauthorized users may bypass security mechanisms by submitting jobs to job queues managed by the database to be run under a more privileged security context of the database or host system. These... |
| V-15126 | Medium | Database backup procedures should be defined, documented and implemented. | Database backups provide the required means to restore databases after compromise or loss. Backups help reduce the vulnerability to unauthorized access or hardware loss. |
| V-15125 | Medium | Only authorized users should be assigned permissions to SQL Server Agent proxies. | Database accounts granted access to SQL Server Agent proxies are granted permissions to create and submit specific function job steps to be executed by SQL Server Agent. Unauthorized users may use... |
| V-15124 | Medium | The Named Pipes network protocol should be documented and approved if enabled. | The named pipes network protocol requires more ports to be opened on firewalls than TCP/IP. Managing and administering multiple network protocols may unnecessarily complicate network controls. |
| V-15610 | Medium | DBMS should use NIST FIPS 140-2 validated cryptography. | Use of cryptography to provide confidentiality and non-repudiation is not effective unless strong methods are employed with its use. Many earlier encryption methods and modules have been broken... |
| V-15617 | Medium | Access to external objects should be disabled if not required and authorized. | Objects defined within the database, but stored externally to the database are accessible based on authorizations defined by the local operating system or other remote system that may be under... |
| V-15138 | Low | The DBMS IA policies and procedures should be reviewed annually or more frequently. | A regular review of current database security policies and procedures is necessary to maintain the desired security posture of the DBMS. Policies and procedures should be measured against current... |
| V-15112 | Low | The DBMS should be periodically tested for vulnerability management and IA compliance. | The DBMS security configuration may be altered either intentionally or unintentionally over time. The DBMS may also be the subject of published vulnerabilities that require the installation of a... |
| V-15114 | Low | Developers should not be assigned excessive privileges on production databases. | Developers play a unique role and represent a specific type of threat to the security of the DBMS. Where restricted resources prevent the required separation of production and development DBMS... |
| V-15622 | Low | DBMS service identification should be unique and clearly identifies the service. | Local or network services that do not employ unique or clearly identifiable targets can lead to inadvertent or unauthorized connections. |
| V-15205 | Low | Reporting Services scheduled events and report delivery should be disabled if not required. | Where not required, Scheduled events and report delivery unnecessarily exposes the report server to attack via Report Service event handling and report delivery. |
| V-15202 | Low | Use of Command Language Runtime objects should be disabled if not required. | The clr_enabled parameter configures SQL Server to allow or disallow use of Command Language Runtime objects. CLR objects is managed code that integrates with the .NET Framework. This is a more... |
| V-15199 | Low | Reporting Services Web service requests and HTTP access should be disabled if not required. | Where not required, SOAP and URL access to the web service unnecessarily exposes the report server to attack via the SOAP and HTTP protocols. |
| V-3728 | Low | Unused database components, database application software and database objects should be removed from the DBMS system. | Unused, unnecessary DBMS components increase the attack vector for the DBMS by introducing additional targets for attack. By minimizing the services and applications installed on the system, the... |
| V-3726 | Low | Configuration management procedures should be defined and implemented for database software modifications. | Uncontrolled, untested, or unmanaged changes result in an unreliable security posture. All changes to software libraries related to the database and its use need to be reviewed, considered, and... |
| V-15145 | Low | The DBMS restoration priority should be assigned. | When DBMS service is disrupted, the impact it has on the overall mission of the organization can be severe. Without the proper assignment of the priority to be placed on restoration of the DBMS... |
| V-15149 | Low | DBA roles assignments should be assigned and authorized by the IAO. | The DBA role and associated privileges provide complete control over the DBMS operation and integrity. DBA role assignment without authorization could lead to the assignment of these privileges to... |
| V-15150 | Low | The DBMS requires a System Security Plan containing all required information. | A System Security Plan identifies security control applicability and configuration for the DBMS. It also contains security control documentation requirements. Security controls applicable to the... |
| V-2420 | Low | Database executable and configuration files should be monitored for unauthorized modifications. | Changes to files in the DBMS software directory including executable, configuration, script, or batch files can indicate malicious compromise of the software files. Changes to non-executable... |
| V-3805 | Low | Application software should be owned by a Software Application account. | File and directory ownership imparts full privileges to the owner. These privileges should be restricted to a single, dedicated account to preserve proper chains of ownership and privilege... |
| V-15611 | Low | The audit logs should be periodically monitored to discover DBMS access using unauthorized applications. | Regular and timely reviews of audit records increases the likelihood of early discovery of suspicious activity. Discovery of suspicious behavior can in turn trigger protection responses to... |
