Ensure default vendor-supplied DB administrator credentials are replaced with strong, unique passwords and that these credentials are properly managed using a secure password or secrets management solution.
Database / Relational / Controls / DEV
Password Management
CCC.RDMS.CN01 · Access
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.RDMS.CP06 | DB Managed Credentials | Ability to managed the database credentials using the cloud provider's secret management service. |
| CCC.RDMS.CP07 | DB Self Managed Credentials | Ability to manage the database credentials by client managed username and passwords. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.RDMS.TH01 | Unauthorized Access via Default Credentials | If default credentials are not disabled or changed, unauthorized access may be gained to the RDMS environment. This may lead to data breaches, data manipulation, or overall compromise of the database instance. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.RDMS.CN01.AR02 | When an attempt is made to authenticate to the database using known default credentials, the authentication attempt must fail and no access should be granted. | tlp-red, tlp-amber |