STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must prevent unauthorized and unintended information transfer via shared system resources.

DISA Rule

SV-206573r617447_rule

Vulnerability Number

V-206573

Group Title

SRG-APP-000243

Rule Version

SRG-APP-000243-DB-000373

Severity

CAT II

CCI(s)

• CCI-001090 - The information system prevents unauthorized and unintended information transfer via shared system resources.

Weight

10

Fix Recommendation

Deploy a DBMS capable of effectively protecting the private resources of one process or user from unauthorized access by another user or process.

Configure the DBMS to effectively protect the private resources of one process or user from unauthorized access by another user or process.

Check Contents

Review the DBMS architecture to find out if and how it protects the private resources of one process or user (such as working memory, temporary tables, uncommitted data) from unauthorized access by another user or process.

If it does not effectively do so, this is a finding.

Vulnerability Number

V-206573

Documentable

False

Rule Version

SRG-APP-000243-DB-000373

Severity Override Guidance

Review the DBMS architecture to find out if and how it protects the private resources of one process or user (such as working memory, temporary tables, uncommitted data) from unauthorized access by another user or process.

If it does not effectively do so, this is a finding.

Check Content Reference

M

Target Key

2902

Comments