Trustwave Database Security Knowledgebase (ShatterKB) 6.08 is now available. It introduces new checks for IBM Db2 LUW, MongoDB, and updated checks for Teradata. It also brings updates to compliance policies and new for CIS and DISA STIG.
IBM Db2 LUW
IBM Db2 missing patches (APAR IT32121, APAR IT32122)
Check the Db2 version to determine if the patch for APAR IT32121 or APAR IT32122 is missing.
Risk: High
MongoDB
Vulnerability in MongoDB Server - CVE-2021-20326
Check version to determine if the database contains vulnerability described by CVE-2021-20326.
Risk: Medium
Teradata
Latest patch not applied
Risk: High
CIS v1.0.0 for Oracle 19c - Audit (Built-in)
This policy has been created with guidance of the security configuration benchmarks for Oracle 19c by the Center for Internet Security.
DISA-STIG Oracle 11.2g V2R1 - Audit (Built-In)
This policy has been created with the guidelines mapped out in the DOD Security Technical Implementation Guide(s) "Oracle 11.2g Checklist Security Technical Implementation Guide V2R1"
DISA-STIG Oracle 12c V2R1 - Audit (Built-In)
This policy has been created with the guidelines mapped out in the DOD Security Technical Implementation Guide(s) "Oracle 12c Checklist Security Technical Implementation Guide V2R1"
DISA-STIG SQL Server 2016 V2R1-3 Audit (Built-In)
This policy has been created with the guidelines mapped out in the DOD Security Technical Implementation Guides "Microsoft SQL Server 2016 Security Technical Implementation Guide Version 2 Database Release 1 and Instance Release 3".