Database Security Knowledgebase Update 5.60

October 26, 2020

Trustwave Database Security Knowledgebase version 5.60 includes new checks for IBM Db2 and SAP ASE and updated checks for MongoDB, PostgreSQL, and Teradata.

It also introduces a new policy (Federal Tax Information) to help organizations required to comply with security safeguards outlined in IRS Publication 1075.

New Vulnerability and Configuration Check Highlights

IBM Db2

Information disclosure and denial of service vulnerability via shared memory (CVE-2020-4414)
Risk: High
Read more about CVE-2020-4414 discovered by SpiderLabs

SAP ASE

Sensitive information disclosure via the ASE_Suite.log file
Risk: High
Read more about CVE-2020-6295 and CVE-2020-6317 discovered by SpiderLabs

Updated Checks

MongoDB

Latest patch not applied
- Risk: High
Patch release not applied on time
- Risk: High

PostgreSQL

Latest patch not applied
- Risk: High

Patch release not applied on time
- Risk: High

Teradata

Latest patch not applied
- Risk: High

Availability

Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost.
AppDetectivePRO customers can use the Updater within the product as well

Experiencing a security breach?

Experiencing a security breach?

Database Security Knowledgebase Update 5.60

New Vulnerability and Configuration Check Highlights

Updated Checks

Availability

Latest Software Updates

CVT Deployment 1.111.0-1

Database Security Knowledgebase Update KB 6.54

DbProtect 6.6.13 Now Available

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.