STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

DBMS products must be a version supported by the vendor.

DISA Rule

SV-233492r617447_rule

Vulnerability Number

V-233492

Group Title

SRG-APP-000456-DB-000400

Rule Version

SRG-APP-000456-DB-000400

Severity

CAT II

CCI(s)

• CCI-002605 - The organization installs security-relevant software updates within an organization-defined time period of the release of the updates.

Weight

10

Fix Recommendation

Remove or decommission all unsupported software products.

Upgrade unsupported DBMS or unsupported components to a supported version of the product.

Check Contents

Review the system documentation and interview the database administrator.

Identify all database software components.

Review the version and release information.

Access the vendor website or use other means to verify the version is still supported.

If the DBMS or any of the software components are not supported by the vendor, this is a finding.

Vulnerability Number

V-233492

Documentable

False

Rule Version

SRG-APP-000456-DB-000400

Severity Override Guidance

Review the system documentation and interview the database administrator.

Identify all database software components.

Review the version and release information.

Access the vendor website or use other means to verify the version is still supported.

If the DBMS or any of the software components are not supported by the vendor, this is a finding.

Check Content Reference

M

Target Key

2902

Comments