Custom database code and associated application code must not contain information beyond what is needed for troubleshooting.

An XCCDF Rule

Details
Profiles

Description

Error codes issued by custom code could provide more information than needed for problem resolution and should be vetted to make sure this does not occur.

ID: SV-251625r961167_rule
Version: IDMS-DB-000540
Severity: Medium
References: CCI-001312
Updated: 24 days ago

Remediation Templates

Configure custom database code, and associated application code not to divulge sensitive information or information useful for system identification in error messages.

Custom database code and associated application code must not contain information beyond what is needed for troubleshooting.

Description

Remediation Templates

A Manual Procedure