Check: TANS-DB-000006
Tanium 6.5 STIG:
TANS-DB-000006
(in versions v1 r3 through v1 r2)
Title
SQL stored queries or procedures installed during Tanium installation must be removed from the Tanium Server. (Cat II impact)
Discussion
Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example: limiting the types of responses provided to database queries; limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and notifying organizational personnel when atypical database queries or accesses occur.
Check Content
Access the Tanium Server interactively. Log on with an account with administrative privileges to the server. Review the folder to which the Tanium installation package was downloaded and, if different, the folder from which the Tanium installation was run. If any SQL stored queries or procedures are found in the folder to which the Tanium installation package was downloaded and, if different, the folder from which the Tanium installation was run, this is a finding.
Fix Text
Access the Tanium Server interactively. Log on with an account with administrative privileges to the server. Locate and remove the SQL queries or procedures from the folder to which the Tanium installation package was downloaded and, if different, the folder from which the Tanium installation was run.
Additional Identifiers
Rule ID: SV-81523r1_rule
Vulnerability ID: V-67033
Group Title: SRG-APP-000454
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002617 |
Remove previous versions of organization-defined software components after updated versions have been installed. |
Controls
Number | Title |
---|---|
SI-2(6) |
Removal of Previous Versions of Software / Firmware |