Trustwave Database Security Knowledgebase version 6.03 includes new checks for MySQL, Oracle, and MongoDB and updated checks for Teradata.
New policies are also available for DISA STIG and CIS.
New Vulnerability and Configuration Check Highlights
MySQL
- The PLEASE_READ_ME ransomware campaign
- Risk: High
Oracle
- Audit of users last login date
- Risk: Medium
MongoDB
- Vulnerability in the MongoDB Server – CVE-2019-2386
- Risk: High
- Vulnerability in the MongoDB Server – CVE-2019-2389
- Risk: Medium
Updated Checks
- Latest patch not applied for Teradata
New Policies
- DISA-STIG Oracle 11gR2 V1R19 – Audit
- DISA-STIG Oracle 12c V1R18 – Audit
- CIS v1.0.0 for Oracle 18c – Audit
Availability
- Available to all AppDetectivePRO and DbProtect customers with maintenance (subscription or perpetual) in good standing at no additional cost.
- AppDetectivePRO customers can use the Updater within the product as well