STIGQter STIGQter: STIG Summary: Microsoft SharePoint 2013 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The SharePoint setup account must be configured with the minimum privileges on the SQL server.

DISA Rule

SV-223270r612235_rule

Vulnerability Number

V-223270

Group Title

SRG-APP-000516

Rule Version

SP13-00-000175

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the SharePoint setup account with minimum privileges on the SQL server.

Configure the account on the SQL server.
- Launch the SQL Server Management Console and navigate to Security >> Logins.
- Select the SharePoint Setup User account.
- Click on "Server Roles".
- Ensure only public, dbcreator, and securityadmin roles are checked.
- Remove checks from all other roles.

Check Contents

The SharePoint setup account must be configured with the minimum privileges on the SQL server.

- Launch the SQL Server Management Console and navigate to Security >> Logins.
- Select the SharePoint Setup User account.
- Click on "Server Roles" and verify only public, dbcreator, and securityadmin are checked.
- Click on "User Mapping" and verify that the setup account is a member of the public and db_owner role on each SharePoint database.

Otherwise, this is a finding.

Vulnerability Number

V-223270

Documentable

False

Rule Version

SP13-00-000175

Severity Override Guidance

The SharePoint setup account must be configured with the minimum privileges on the SQL server.

- Launch the SQL Server Management Console and navigate to Security >> Logins.
- Select the SharePoint Setup User account.
- Click on "Server Roles" and verify only public, dbcreator, and securityadmin are checked.
- Click on "User Mapping" and verify that the setup account is a member of the public and db_owner role on each SharePoint database.

Otherwise, this is a finding.

Check Content Reference

M

Target Key

4096

Comments