STIGQter: STIG Summary: Database Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 22 Jan 2021:

The DBMS must enforce authorized access to all PKI private keys stored/utilized by the DBMS.

DISA Rule

SV-206559r617447_rule

Vulnerability Number

V-206559

Group Title

SRG-APP-000176

Rule Version

SRG-APP-000176-DB-000068

Severity

CAT II

CCI(s)

• CCI-000186 - The information system, for PKI-based authentication, enforces authorized access to the corresponding private key.

Weight

10

Fix Recommendation

Store all DBMS PKI private keys in a FIPS 140-2 validated cryptographic module. Ensure access to the DBMS PKI private keys is restricted to only authenticated and authorized users.

Check Contents

Review DBMS configuration to determine whether appropriate access controls exist to protect the DBMS's private key(s). If the DMBS’s private key(s) are not stored in a FIPS 140-2 validated cryptographic module, this is a finding.

If access to the DBMS’s private key(s) is not restricted to authenticated and authorized users, this is a finding.

Vulnerability Number

V-206559

Documentable

False

Rule Version

SRG-APP-000176-DB-000068

Severity Override Guidance

Review DBMS configuration to determine whether appropriate access controls exist to protect the DBMS's private key(s). If the DMBS’s private key(s) are not stored in a FIPS 140-2 validated cryptographic module, this is a finding.

If access to the DBMS’s private key(s) is not restricted to authenticated and authorized users, this is a finding.

Check Content Reference

M

Target Key

2902

Comments