Check: TANS-DB-000006
Tanium 7.3 STIG:
TANS-DB-000006
(in versions v2 r2 through v1 r1)
Title
SQL stored queries or procedures installed during Tanium installation must be removed from the Tanium Server. (Cat II impact)
Discussion
Failure to protect organizational information from data mining may result in a compromise of information. Data storage objects include, for example, databases, database records, and database fields. Data mining prevention and detection techniques include, for example: limiting the types of responses provided to database queries; limiting the number/frequency of database queries to increase the work factor needed to determine the contents of such databases; and notifying organizational personnel when atypical database queries or accesses occur.
Check Content
Access the Tanium Server interactively. Log on to the server with an account that has administrative privileges. Navigate to Program Files >> Tanium >> Tanium Server. If any SQL stored queries (.sql files) or procedures are found, this is a finding.
Fix Text
Access the Tanium Server interactively. Log on to the server with an account that has administrative privileges. Navigate to Program Files >> Tanium >> Tanium Server. Remove the SQL stored queries (.sql files) or procedures from the folder.
Additional Identifiers
Rule ID: SV-234076r612749_rule
Vulnerability ID: V-234076
Group Title: SRG-APP-000454
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002617 |
The organization removes organization-defined software components (e.g., previous versions) after updated versions have been installed. |
Controls
Number | Title |
---|---|
SI-2 (6) |
Removal Of Previous Versions Of Software / Firmware |