Trustwave Database Security Knowledgebase version 6.02 includes new checks for Elasticsearch and updated checks for IBM Db2, MongoDB, PostgreSQL, and Teradata
It is also cumulative of version 6.01 which introduced new checks for Elasticsearch, MariaDB, Microsoft SQL Server, MySQL, and Oracle and updated checks for MySQL and Teradata.
New policies are also available for DISA STIG.
New Vulnerability and Configuration Check Highlights
Elasticsearch
- Privilege escalation via API keys and authentication tokens creation
- Risk: High
- Privilege escalation via API keys creation
- Risk: High
- Race condition in response headers
- Risk: Medium
- Username disclosure in the API Key service
- Risk: Medium
- Anonymous access is enabled
- Risk: Medium
- Ensure Federal Information Processing Standard (FIPS) is enabled
- Risk: Medium
- Field disclosure in scrolling search
- Risk: Medium
- Password hashing algorithm
- Risk: Low
Microsoft SQL Server
- Microsoft SQL Server Analysis Services Information Disclosure Vulnerability (2017-Aug)
- Risk: Medium
- Microsoft SQL Server Remote Code Execution Vulnerability (2018-Aug)
- Risk: High
MySQL
- Critical Patch Update - October 2020
- Risk: High
Oracle
- Critical Patch Update/Patch Set Update - October 2020
- Risk: High
MariaDB
Updated Checks
- Latchest patch, Fix Pack, patchset checks updated for IBM Db2, MongoDB, PostgreSQL, Teradata, and MySQL
New Policies
- DISA-STIG MongoDB EA 3.x V1R2 – Audit
- DISA-STIG PostgreSQL 9.x V2R1 – Audit
- DISA-STIG SQL Server 2016 V2R1-1 Audit
Availability
- Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost.
- AppDetectivePRO customers can use the Updater within the product as well