Trustwave Database Security Knowledgebase (ShatterKB) 6.38 is now available. It introduces new checks for Oracle, Cassandra, MySQL and Microsoft Azure SQL Database.
New Checks - Cassandra
- Default cassandra user found
Description: Verify if default user 'cassandra' is present in the database.
Risk: Medium
- Cassandra - CVE-2023-30601
Description: Check the database version to determine if the patch for CVE-2023-30601 is missing.
Risk: High
- Cassandra - CVE-2016-4970
Description: Check the database version to determine if the patch for CVE-2016-4970 is missing.
Risk: High
New Checks - Microsoft Azure SQL Database
- Audit records for successful attempts to modify security objects
Description: Check if audit records are generated when security objects are modified
Risk: Medium
- Audit records for successful logons
Description: Check if audit records are generated when successful logons or connections occur.
Risk: Medium
- Audit records for unsuccessful attempts to modify security objects
Description: Check if audit records are generated when unsuccessful attempts to modify security objects occur
Risk: Medium
- Audit records for unsuccessful granting of privileges
Description: Check if audit records are generated when unsuccessful attempts to add privileges/permissions occur.
Risk: Medium
- Audit records for successful logons from different workstations
Description: Check if audit records are generated when concurrent logons/connections by the same user from different workstations occur.
Risk: Medium
- Audit records for unsuccessful attempts to modify permissions
Description: Check if audit records are generated when unsuccessful attempts to modify privileges/permissions occur.
Risk: Medium
- Audit records generates time for user access to the database
Description: Check if audit records show the starting and ending time for user access to the database.
Risk: Medium
- Audit records of successful granting of privileges
Description: Check if audit records are generated when privileges/permissions are added.
Risk: Medium
- Audit records for successful attempts to modify permissions
Description: Check if audit records are generated when privileges/permissions are modified.
Risk: Medium
- Audit records for unsuccessful attempts to delete security objects
Description: Check if audit records are generated when unsuccessful attempts to delete security objects occur
Risk: Medium
- Audit records for successful attempts to delete security objects
Description: Check if audit records are generated when security objects are deleted
Risk: Medium
- Audit records for unsuccessful attempts to delete permissions
Description: Check if audit records are generated when unsuccessful attempts to delete privileges/permissions occur.
Risk: Medium
- Audit records for successful attempts to delete permissions
Description: Check if audit records are generated when privileges/permissions are deleted.
Risk: Medium
- Audit records for unsuccessful logons
Description: Check if audit records are generated when unsuccessful logons or connection attempts occur.
Risk: Medium
New Checks - MySQL
- Critical Patch Update - October 2023
Description: Check version to determine if the database contains vulnerabilities described by Critical Patch Update - October 2023.
Risk: High
- Critical Patch Update - October 2023
Description: Check version to determine if the database contains vulnerabilities described by Critical Patch Update - October 2023.
Risk: High
New Checks - Oracle
- Oracle Critical Patch Update/Patch Set Update - October 2023
Description: Check version to determine if the database contains vulnerabilities described by Critical Patch Update/Patch Set Update - October 2023.
IMPORTANT! This check is designed to verify if a specific CPU/PSU is needed and installed. If you do not have adequate privileges on the database or operating system, the check may indicate it can not detect if the CPU/PSU is installed. In this case, ensure you have adequate permissions and re-run the check.
Risk: High
- Oracle Critical Patch Update/Patch Set Update - October 2023
Description: Check version to determine if the database contains vulnerabilities described by Critical Patch Update/Patch Set Update - October 2023.
IMPORTANT! This check is designed to verify if a specific CPU/PSU is needed and installed. If you do not have adequate privileges on the database or operating system, the check may indicate it can not detect if the CPU/PSU is installed. In this case, ensure you have adequate permissions and re-run the check.
Risk: High
Availability
- Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost.
- Download SHATTER Knowledgebase from the Trustwave Support Portal. (https://www.trustwave.com/Company/Support/ and select AppDetectivePRO or DbProtect)
- AppDetectivePRO customers can use the Updater within the product as well
