CCE-19974-5Platform: ms-sql2005 | Date: (C)2013-02-19 (M)2022-10-10 |
Analysis Services database roles should be configured appropriately for a specified server.
Parameter:
(1) database name
(2) database roles
(3) usernames
Technical Mechanism:
From the SQL Server Management Studio GUI:
1. Connect to the Analysis Services instance
2. Expand the Analysis Services instance
3. Expand Databases
4. Repeat for each database:
a. Click on each database role
b. Open the member list
c. Select any unauthorized users
d. Click or unclick the Remove button
e. Click OK
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
DISA STIG SQL 2005 INS Version 8, Release 1.7 Benchmark Date: 27 August 2010 | Rule ID: V0015194 Rule Title: Only authorized accounts should be assigned to one or more Analysis Services database roles. STIG ID: DM6109 Severity: CAT II Class: Unclass |