Software Updates

Database Security Knowledgebase Update 5.12

Written by | Mar 13, 2017 10:02:00 AM

This month's update for Database Security Knowledgebase is now available. Knowledgebase version 5.12 includes new and updated checks for Oracle and Sybase ASE.

New Vulnerability and Configuration Check Highlights

Oracle

  • SQL Injection in CDBView package

o Database Activity Monitoring - Monitor for attacks using sys.CDBView.create_cdbview SQL Injection.

o Risk: Auditing

o Relevant CVEs:N/A

Updated Checks

Sybase ASE

  • Check for Sybase ASE 16.0 SP02 PL05 HF1

o Vulnerability Assessment - Latest patch not applied

o Risk: High

o Relevant CVEs:N/A

  • Check for Sybase ASE 16.0 SP02 PL05 HF1

o Vulnerability Assessment - Patch not applied on time

o Risk: High

o Relevant CVEs:N/A

New Policies

  • DISA-STIG SQL Server 2014 V1R3 - Audit (Built-In)
  • DISA-STIG SQL Server 2012 V1R13 - Audit (Built-In)

Availability

  • Available to allAppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost
  • AppDetectivePRO customers can use the Updater within the product as well