Knowledgebase version 5.26 includes new checks for Oracle & IBM DB2 LUW, updates to IBM DB2 LUW checks and two updated policies: CIS 2.2.0 for Oracle 11g & Strict.
New Vulnerability and Configuration Check Highlights
IBM DB2 LUW
- DB2 must initiate session auditing upon startup
o Ensure that, at a minimum, there are audit policies defined for the AUDIT, CHECKING, CONTEXT, SECMAINT, SYSADMIN, VALIDATE, OBJMAINT, and EXECUTE categories.
o Risk: Medium
- Ensure Audit policy is defined at the Table and Database level
o Ensure that, at a minimum, there are audit policies defined for the AUDIT, CHECKING, CONTEXT, SECMAINT, SYSADMIN, and VALIDATE categories.
o Risk: Medium
- Generate audit records when privileges/permissions are retrieved
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT, and EXECUTE categories.
o Risk: Medium
- Generate audit records when security objects are accessed
o Ensure that, at a minimum, there are audit policies defined for the AUDIT, CHECKING, CONTEXT, SECMAINT, SYSADMIN, and VALIDATE categories.
o Risk: Medium
- Generate audit records when unsuccessful attempts to retrieve privileges/permissions occur
o Ensure that, at a minimum, there are audit policies defined for the CONTEXT, and EXECUTE categories.
o Risk: Medium
- Integration with an organization-level authentication/access mechanism provides account management and automation
o Verify that the Database Management Configuration parameter SRVCON_PW_PLUGIN equals IBMLDAPauthserver.
o Risk: Medium
- Limit the number of concurrent sessions to a number per user
o Check and confirm that the connection procedure limits the amount of concurrent connections is acceptable by the organization's policies.
o Risk: Medium
- Protect against a user falsely repudiating having performed organization-defined actions
o Ensure that there are audit policies defined for required application tables and/or database.
o Risk: Medium
Oracle
o Check that pluggable databases (PDBs) have PDB_LOCKDOWN parameter configured.
o Risk: Informational
Updated Checks
IBM DB2 LUW
- Fix Pack not installed on time
o Support 11.1 Mod 3 Fix Pack 3
o Risk: High
- Latest Fix Pack not installed
o Support 11.1 Mod 3 Fix Pack 3
o Risk: High
Updated Policies
- CIS v2.2.0 for Oracle 11gR2 - Audit (Built-In)
New Checks
- Oracle: SQL92_SECURITY parameter not enabled: Low
- Strict - Audit (Built-in)
New Checks
- Oracle: Lockdown profile: Informational
User Creation Scripts
There have been no changes in this release.
Availability
- Available to all AppDetectivePRO and DbProtect customers with maintenance(subscription or perpetual) in good standing at no additional cost
- AppDetectivePRO customers can use the Updater within the product as well
