DBMS privileges to restore database data or other DBMS configurations, features or objects should be restricted to authorized DBMS accounts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15107 | DG0063-SQLServer9 | SV-24084r1_rule | ECLP-1 | Medium |
| Description |
|---|
| Unauthorized restoration of database data, objects, or other configuration or features can result in a loss of data integrity, unauthorized configuration, or other DBMS interruption or compromise. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-04-03 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-24468r1_fix) |
|---|
| Define DBMS roles that are authorized for database restore functions, restrict assignment of restore privileges to those roles, and assign those roles only to authorized DBMS accounts. |