Only authorized SQL Server proxies should be assigned access to subsystems.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15196 | DM6145-SQLServer9 | SV-23859r1_rule | ECAN-1 | Medium |
| Description |
|---|
| SQL Server subsystems define a set of functionality available for assignment to a SQL Server Agent proxy. These act as privileges to perform certain job tasks. Excess privilege assignment or subsystem assignment can lead to unauthorized access to the SQL Server instance or host operating system. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-04-03 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-14835r1_fix) |
|---|
| Define and document in the System Security Plan the minimum subsystem assignments required by individual proxies. Assign to each proxy only those subsystems required to complete the SQL Server Agent job. |