AuditPro v4.0.0

Description:
Check to determine if the sa account is configured without a password. By default, the sa account is blank. If the sa account is left without password protection, anyone can act as administrator on the SQL server. Once an authorized user gains access to the sa account, it is easy to gain access to admin privileges on the Windows NT Server by using commands such as xp_cmdshell.

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Blank sa Password	No violations found

Description:
Default login is used when SQL Server is configured for Windows NT Authentication. When the authorized windows user does not have any entry in sysxlogins table, SQL Server allows him to enter with the default login's credentials.
Ensure that the default login is not "sa" or a user with administrative privileges, otherwise any windows login will have administrative pivileges on the Databases.

CVE Reference No.: CVE-NO-MATCH

Severity	Value	Data
	DefaultLogin	guest

Solution:
Change the default login to either blank or to a non-existent login to completely deny access through the default login. To allow access through the default, change the login to an existing account.

Description:
DTS packages can be saved to SQL Server's Meta Data Service. This gives administrators the ability to save meta data about the package as well as data lineage. When a DTS package is saved as a Meta Data Service, the account and password used to connect to the data source is saved in the table msdb.dbo.RTblDBMProps. This table is publicly viewable on a default installation of Microsoft SQL Server 2000.

CVE Reference No.: CVE-NO-MATCH

Severity	Table	Privilege	Grantor	Grantee	Is Grantable
	RTblDBMProps	REFERENCES	dbo	N/A	NO
	RTblDBMProps	SELECT	dbo	N/A	NO
	RTblDBMProps	INSERT	dbo	N/A	NO
	RTblDBMProps	DELETE	dbo	N/A	NO
	RTblDBMProps	UPDATE	dbo	N/A	NO

Solution:
To prevent anyone from accessing the passwords stored in this table, it is recommended that you perform two tasks:

1) Remove the guest user from the database msdb.

This is accomplished by executing the following command from Query Analyzer:
use msdb
sp_dropuser 'guest'

2) Revoke public permissions from the table msdb.dbo.RTblDBMProps.

This is accomplished by executing the following command from Query Analyzer:
use msdb
revoke select on RTblDBMProps from public

Description:
Guest accounts should not be created on databases at all. However, the guest account in the 'master' and 'msdb' databases cannot be removed.
It is advisable to remove this account completely if it exists.

CVE Reference No.: CVE-NO-MATCH

Severity	Name	Database access	Created On
	guest	Yes	8/6/2000 1:27:47 AM

Solution:
Delete the guest user ID from all databases. Within each database that has a guest user ID, execute the command "sp_dropuser guest."

Description:
These are the Windows logins on the local server which have access to SQL Server. Check if these are valid users for access to SQL Server, and review their roles and privileges.

CVE Reference No.: CVE-NO-MATCH

Solution:
As needed, remove unnecessary Windows NT/2000 accounts from SQL Server by using the command "xp_revokelogin."

Description:
MS SQL Server provides two types of Authentication mechanisms.

Windows NT Authentication:

In this authentication Mode, SQL Server relies solely on Windows to authenticate users. Windows users or groups are then granted access to SQL Server.
Microsoft itself recommends using Windows Authetication method for SQL Server. Windows provides Mutual Authentication, Message Confidentiality via Encryption, and Message Integrity. This also makes Administration Easier.

Mixed Mode Authentication:

In Mixed Mode, users are first authenticated by Windows Authentication and if the valid Windows account is not present, SQL Server uses its own database (sysxlogins table) to authenticate users who are authenticated by SQL Server username-password pairs maintained within the SQL Server.
SQL Server does not provide Secured Authentication or Network data transmission as compared to Windows. This authentication mode distinguishes between Windows users and SQL Server users. This also simplifies administering access controls to SQL Server users only.

   1  =  Windows Authentication
   2  =  Mixed Mode (both SQL and Windows Authentication)

CVE Reference No.: CVE-NO-MATCH

Severity	Value	Data
	LoginMode	2

Solution:
Use of Windows NT Authentication is recommended. Change the authentication mode using Enterprise Manager

Description:
Check for mismatched user IDs. A mismatched user ID occurs when a user ID is mapped to a login ID of a different name. For example, user ID jdoe should map to login ID jdoe, not to johnd. Mismatching user IDs makes administration more complex and can result in inappropriate permissions being assigned. Mismatched users are often evidence that an orphaned user ID was mapped to an incorrect login.

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Mismatched User IDs	No violations found

Description:
Check for the orphaned users who are not associated with any SQL Logins but exist in databases. Generally this situation does not exist because when any SQL Login is deleted then its associated user IDs are also deleted from the databases. However if the new database is added to SQL Server or while restoring databases from backups, which has existing user there will be no SQL logins associated with them and hence will have to be considered as orphaned

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Orphaned User IDs	No violations found

Description:
SQL Server provides an engine, called the SQL Server Agent, to perform maintenance tasks. If the agent is configured to use a login name and password, the stored procedure sp_get_sqlagent_properties can be used to discover the password. By default, all logins can execute this stored procedure.

CVE Reference No.: CVE-NO-MATCH

Severity	PROCEDURE_NAME	GRANTOR	GRANTEE
	sp_get_sqlagent_properties	dbo	public

Solution:
Microsoft strongly recommends that you use Windows authentication rather than saving the SQL Server Agent password in the registry.

To prevent non-privileged users from executing this function and retrieve the password, it is recommended that you perform two tasks:

1) Remove the guest user from the msdb database.

This is accomplished by executing the following command from Query Analyzer:
use msdb
sp_dropuser 'guest'

2) Revoke public permissions from the stored procedure.

This is accomplished by executing the following command from Query Analyzer:
use msdb
revoke execute on sp_get_sqlagent_properties from public

Description:
Check that CmdExec and ActiveScripting jobs are restricted to sysadmin users only. SQL Server Agent allows users to create and schedule jobs which execute commands on the selected subsystem depending on the job type. Jobs of type TSQL run SQL statements against the server, while CmdExec jobs can run commands or execute programs just as if you were at an operating system prompt. Jobs that execute under the CmdExec or ActiveScripting subsystems can execute operating system commands. This condition poses a security risk and should be restricted. The SQL Server agent can be configured so that only users with sysadmin role can run these types of jobs

CVE Reference No.: CVE-NO-MATCH

Severity	Value	Data
	SysAdminOnly	1

Solution:
Using Enterprise Manager, click on Management. Right-click on SQL Server Agent, and go to Properties. Click on the Job System tab and ensure that the checkbox for 'Only users with SysAdmin privileges can execute CmdExec and ActiveScripting job steps' is selected.

Description:
A security issue exists that allows Agent jobs to create arbitrary file. By default, the public group is allowed to create jobs that the Agent runs. By crafting malicious job, a non-privileged login can write arbitrary files on the operating system. The stored procedures used to create Agent job are
sp_add_job
sp_add_jobstep
sp_add_jobserver
sp_start_job.
Revoke execute permissions on these stored procedures from group public and other low privilege users.

CVE Reference No.: CAN-2002-0721

Severity	PROCEDURE_NAME	GRANTOR	GRANTEE
	sp_add_jobserver	dbo	public
	sp_add_jobserver	dbo	TargetServersRole
	sp_add_job	dbo	public
	sp_add_job	dbo	TargetServersRole
	sp_start_job	dbo	public
	sp_start_job	dbo	TargetServersRole
	sp_add_jobstep	dbo	public
	sp_add_jobstep	dbo	TargetServersRole

Solution:
It is recommended to revoke execute permissions on the following

Description:
Check that the remote access option is not enabled. The remote access option determines if connections to and from other Microsoft SQL Servers are allowed. Remote connections are required for features such as replication and remote stored procedures. For servers where remote access is not required, this feature should be disabled.

CVE Reference No.: CVE-NO-MATCH

Severity	comment	value
	Allow remote access	Yes

Solution:
Use Enterprise Manager to change the Remote Access settings to conform to policy.

Description:
MS SQL Server uses system tables for its internal operations. Updates to system table is very critical as it could prevent running an instance of SQL Server or possibly a loss of data. Hence Updates to system tables should be strictly prohibited, not only for security reasons but also for performance stability.
Default settings for Allow update is 0, which prevents ad-hoc access to system tables, even if user has appropriate permissions.
If direct updates is allowed to the system tables using ad-hoc queries, Users can create stored procedures to update system tables. Once stored procedures get created while Allow Update is enabled, these stored procedures have the ability to update system tables even when Allow Update is disabled.

Its recommended to disable Allow Update to system table.

CVE Reference No.: CVE-NO-MATCH

Severity	comment	value
	Allow updates to system tables	No

Solution:

1. Change the Allow Updates to System Tables option using Enterprise Manager.
2. Click the right mouse button on the server and select Properties from the popup menu.
3. Select the Server Settings tab.
4. Change the value of the Allow modifications to the system catalogs field. When the checkbox is selected, the function is enabled.

Description:
By default the Windows group BUILTIN/Administrators is granted the sysadmin role in Microsoft SQL Server. This makes any Windows administrator a SQL Server administrator also. It is a good security practice to separate these responsibilities and remove the BUILTIN/Administrators from the sysadmin role.

CVE Reference No.: CVE-NO-MATCH

Severity	name	Is system administrator
	BUILTIN/Administrators	Yes

Solution:
WARNING!!! Removing the BUILTIN/Administrators group in a complex environment may have side effects. If you decide to remove the BUILTIN/Administrators group, you should confer with the database administrator and ensure you will not encounter any situation which may cause problems for your database server.

To safely remove the BUILTIN/Administrators group, following the directions below:

1) Create a windows group that will be used to administer SQL Server.
2) Place any DBA windows users in this group.
3) Delete the BUILTIN/Administrators login or remove it from the sysadmin server role.

Description:
Microsoft SQL Server provides two functions that allow users to query data and execute statements on external data sources. These functions are OPENROWSET and OPENDATASOURCE. One security issue that exists in allowing SQL Server users to access remote data sources is that Jet 4.0 can be used to call unsafe Visual Basic for Applications functions.
The function OPENROWSET or OPENDATASOURCE can also be used to access data that can be served through an OLEDB provider or an ODBC driver. A non-privileged user can call one of these functions to open a connection to an Access database and run a SQL statement. Because statements can run unsafe VBA functions, a remote SQL Server user can cause the SQL Server to execute the VBA function under the permissions of the SQL Server service. Below is an example of this:

CVE Reference No.: CVE-NO-MATCH

Solution:
The restrictions on the sandbox mode are controlled by setting the value SandboxMode under the registry key HKEY_LOCAL_MACHINE/Software/Microsoft/Jet/4.0/engines.

Description:
The system table master stores the critical data used by SQL Server for its internal operations. Tampering with this database may result in unusual behaviour of server or the server may stop working.

CVE Reference No.: CVE-NO-MATCH

Severity	name	Default Database
	BUILTIN/Administrators	Master
	sa	Master

Solution:

Therefore when new logins are created ensure that their default database is not master. Given below is a list of users who has their default database as master.

It is recommended to change the default databases of the following logins to their respective database other than master, msdb and temp.

Description:
The system stored procedure sp_readwebtask in the master database is used to read web tasks. By default, permission on this system stored procedure is granted to the group public.

CVE Reference No.: CVE-NO-MATCH

Severity	PROCEDURE_NAME	GRANTOR	GRANTEE
	sp_readwebtask	dbo	public

Solution:
The group public should not have permission to execute the system stored procedure sp_readwebtask. You can revoke access by using the following command:

REVOKE EXECUTE ON master.dbo.sp_readwebtask FROM public

Description:
By default, the group public in the master database has EXECUTE permissions on the system stored procedure sp_runwebtaskBy allowing the group public to modify data in the mswebtasks table, a low-privileged login can write files to the operating system. Allowing arbitrary files to be created on the operating system could allow an attacker to cause damage or gain control of the operating system.
The group public and low-privilege users should not have permission to execute the system stored procedure sp_runwebtask. You must revoke execute permissions on sp_runwebtask from group public and other users

CVE Reference No.: CVE-NO-MATCH

Severity	PROCEDURE_NAME	GRANTOR	GRANTEE
	sp_runwebtask	dbo	public

Solution:
The group public should not have permission to execute the system stored procedure sp_runwebtask. You can revoke access by using the following command:

Description:

CVE Reference No.: CVE-NO-MATCH

Solution:

Description:
The system table syslogins contains the list of valid logins allowed in the master database. Anyone granted access to select from the table can gather a list of valid logins to attack.

CVE Reference No.: CVE-NO-MATCH

Severity	Table	Privilege	Grantor	Grantee	Is Grantable
	syslogins	SELECT	dbo	public	NO

Solution:
Only members of the sysadmin role should have permissions to perform any action on the syslogins table. You can revoke access from the syslogins table using the following command:

REVOKE SELECT ON master.dbo.syslogins FROM [username or group]

Description:
Default login is used when SQL Server is configured for Windows NT Authentication. When the authorized windows user does not have any entry in sysxlogins table, SQL Server allows him to enter with the default login's credentials.
Ensure that the default login is not "sa" or a user with administrative privileges, otherwise any windows login will have administrative pivileges on the Databases.

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Permissions given to each Role	No violations found

Description:
Security best practices dictate that permissions should be granted to groups rather than to users. By using groups to manage permissions, revoking and granting permissions is less error-prone and more manageable.
Revoke all permissions granted directly to a user. Then create a group, grant all the privileges required to the group, and then grant the group to the users that require the permissions

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Permissions granted directly to user	No violations found

Description:
system stored procedure called sp_MSsetalertinfo in the master database. This stored procedure is used to configure how SQL Server forwards alerts. While the ability to change one of these settings does not by itself result in a vulnerability, it can be used by an attacker to mask attacks. For instance, alert forwarding can be redirected or disabled.
The group public should not have permission to execute sp_MSsetalertinfo. Revoke public execute permission on this stored procedure immediately

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Permissions on sp_MSsetalertinfo	No violations found

Description:
system stored procedure called sp_MSSetServerProperties in the master database. This stored procedure is used to set SQL Server to automatically start on reboot of the Windows server. Anyone with access to execute this stored procedure can change SQL Server to not restart on reboot. While changing this setting does not by itself result in a vulnerability, it can be used as a form of a denial of service attack. It can also be used in sophisticated attacks that may want to take over the port owned by SQL Server after rebooting the system.
By default, the public group in the master database has EXECUTE permissions on the system stored procedure sp_MSSetServerProperties.
It is strongly recommended to revoke execute permission on this stored procedure from public

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Permissions on sp_MSSetServerProperties	No violations found

Description:
Check for permissions granted on system tables to public. Microsoft SQL Server defaults to allow all users to view the majority of the system tables. The system tables contain information such as login IDs, permissions, objects, and even the text of all stored procedures. In a secure environment, all access to these tables by users should be through system stored procedures or the INFORMATION_SCHEMA views. The system procedures and views contain checks to ensure that users can only access data that they should be allowed to see

CVE Reference No.: CVE-NO-MATCH

Severity	TABLE_NAME	GRANTEE	GRANTOR	PRIVILEGE_TYPE	IS_GRANTABLE
	sysobjects	public	dbo	SELECT	NO
	sysindexes	public	dbo	SELECT	NO
	sysfilegroups	public	dbo	SELECT	NO
	syscolumns	public	dbo	SELECT	NO
	systypes	public	dbo	SELECT	NO
	syscomments	public	dbo	SELECT	NO
	syspermissions	public	dbo	SELECT	NO
	sysusers	public	dbo	SELECT	NO
	sysdepends	public	dbo	SELECT	NO
	sysreferences	public	dbo	SELECT	NO
	sysfulltextcatalogs	public	dbo	SELECT	NO
	sysindexkeys	public	dbo	SELECT	NO
	sysforeignkeys	public	dbo	SELECT	NO
	sysmembers	public	dbo	SELECT	NO
	sysprotects	public	dbo	SELECT	NO
	sysdatabases	public	dbo	SELECT	NO
	sysprocesses	public	dbo	SELECT	NO
	syslocks	public	dbo	SELECT	NO
	sysdevices	public	dbo	SELECT	NO
	sysmessages	public	dbo	SELECT	NO
	sysconfigures	public	dbo	SELECT	NO
	syscurconfigs	public	dbo	SELECT	NO
	sysservers	public	dbo	SELECT	NO
	syslockinfo	public	dbo	SELECT	NO
	syslanguages	public	dbo	SELECT	NO
	syscharsets	public	dbo	SELECT	NO
	sysfiles	public	dbo	SELECT	NO

Solution:
Remove permissions to system tables from the group public in each database.

Description:
The system table sysxlogins in the master database contains critical data like name, password and status of the SQL Server Logins. This table should not have even the SELECT permission to low-privileged users.

If any low-privileged user has any permission on this table, it is strongly recommended to revoke that permission immediately

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Permissions on sysxlogins table	No violations found

Description:
Xp_cmdshell is an extended stored procedure which executes a command as an operating-system command shell and returns the output.By default, only the dbo and members of sysamdin role can execute this extended stored procedure. Other users can be granted access to execute this procedure. It is recommended that you grant access to execute this function only when absolutely necessary.
It is strongly recommended to revoke execute permissions on xp_cmdshell from users other than members of sysadmin role

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Permissions on xp_cmdshell	No violations found

Description:
Checks that execute permissions have not been granted to public on the extended stored procedure xp_sprintf. Prior to service pack 5 of SQL Server 6.5, the procedure was vulnerable to a buffer overflow. The buffer overflow results in the server crashing and could result in malicious code being executed by the server. Permissions for this procedure are granted to public by default when installing SQL Server.

CVE Reference No.: CVE-NO-MATCH

Severity	PROCEDURE_NAME	GRANTOR	GRANTEE
	xp_sprintf	dbo	public

Solution:
Remove permissions to the extended stored procedure by executing the following statement from any standard query tool: revoke execute on xp_sprintf from public

Description:
A security issue exists that allows Agent jobs to create arbitrary file. By default, the public group is allowed to create jobs that the Agent runs. By crafting malicious job, a non-privileged login can write arbitrary files on the operating system.

CVE Reference No.: CVE-NO-MATCH

Severity	PROCEDURE_NAME	GRANTOR	GRANTEE
	sp_add_jobserver	dbo	public
	sp_add_jobserver	dbo	TargetServersRole
	sp_add_job	dbo	public
	sp_add_job	dbo	TargetServersRole
	sp_start_job	dbo	public
	sp_start_job	dbo	TargetServersRole
	sp_add_jobstep	dbo	public
	sp_add_jobstep	dbo	TargetServersRole

Solution:
To prevent this attack, it is recommended that you revoke permissions from public on the following procedures:

sp_add_job
sp_add_jobstep
sp_add_jobserver
sp_start_job

These procedures are used to create Agent jobs.

Description:
Microsoft SQL Server has several sample databases which are used to demonstrate functionality and to test the server. It is recommended on a production system that you remove these databases.

CVE Reference No.: CVE-NO-MATCH

Severity	name	created on
	model	8/6/2000 1:40:52 AM
	Northwind	8/6/2000 1:41:00 AM
	pubs	8/6/2000 1:40:59 AM

Solution:
Drop any sample databases from any production system. To drop these databases, run the following commands:

drop database pubs
go
drop database Northwind
go
drop database AdventureWorks
go
drop database AdventureWorksDW
go

Description:
After SQL Server service is started, it checks if the option scan for startup stored procedures is enabled or not. If its enabled, SQL Server scans and executes the stored procedures which are configured to be executed at startup.

If this option is enabled it is recommended to review the all startup stored procedures for trojans or any malicious code.

CVE Reference No.: CVE-NO-MATCH

Severity	comment	value
	scan for startup stored procedures	No

Solution:
Please review the startup procedures to avoid any problems

Description:
Default login is used when SQL Server is configured for Windows NT Authentication. When the authorized windows user does not have any entry in sysxlogins table, SQL Server allows him to enter with the default login's credentials.
Ensure that the default login is not "sa" or a user with administrative privileges, otherwise any windows login will have administrative pivileges on the Databases.

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Scheduled jobs	No violations found

Description:
SQL Server provides an engine, called the SQL Server Agent, to perform maintenance tasks. If the agent is configured to use a login name and password, the stored procedure sp_get_sqlagent_properties can be used to discover the password. By default, all logins can execute this stored procedure.

CVE Reference No.: CVE-NO-MATCH

Severity	PROCEDURE_NAME	GRANTOR	GRANTEE
	sp_get_sqlagent_properties	dbo	public

Solution:
Microsoft strongly recommends that you use Windows authentication rather than saving the SQL Server Agent password in the registry.

To prevent non-privileged users from executing this function and retrieving the password, it is recommended that you perform two tasks:

1) Remove the guest user from the msdb database.

This is accomplished by executing the following command from Query Analyzer:
use msdb
sp_dropuser 'guest'

2) Revoke public permissions from the stored procedure.

This is accomplished by executing the following command from Query Analyzer:
use msdb
revoke execute on sp_get_sqlagent_properties from public

Also note that installing Service Pack 3 (8.00.760) or greater causes these permissions to be automatically revoked.

Description:
Check startup stored procedures. SQL Server can be configured to execute stored procedures at startup. Startup stored procedures execute using sa permissions and can be used as Trojan horses. The use of startup stored procedures should be limited because they increase the security risk associated with SQL Server

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Startup Stored Procedures	No violations found

Description:
Check for statement permissions granted to security accounts. Granting statement permissions gives users the authorization to create database objects and perform backups. Database administration activities should only be performed by the database owner. In addition, SQL Server 7.0 introduces fixed database roles which facilitate the delegating of database administration functions to users other than the database owner. The statement permissions that can be explicitly granted are:

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Statement Permissions	No violations found

Description:
Check whether execute permissions are being bypassed from within temporary stored procedures. Permission checking in temporary stored procedures may be bypassed, allowing any user to execute a stored procedure from within a temporary stored procedure. When a temporary stored procedure calls another stored procedure in a database whose owner is sa, normal permission checking is bypassed. Since any user can create a temporary stored procedure and the master database is owned by sa, this vulnerablity allows any user to execute most system stored procedures, including extended procedures such as xp_cmdshell. Depending on the context under which xp_cmdshell run, this could allow any user to gain administrative access to the server.

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Temporary Stored Procedures	No violations found

Description:
Check for objects not owned by the database owner. SQL Server objects include tables, views, stored procedures, triggers, defaults, and rules. The user that creates an object becomes the object owner. For security and performance reasons, only the database owner should be allowed to create and own objects. Checking for objects that were not created by the database owner helps ensure that Trojan horses and other unauthorized changes have not been made to the server. Having multiple object owners also degrades performance. SQL Server performs optimally when using ownership chains. An ownership chain exists when objects reference other objects that have the same owner. SQL Server bypasses the work of performing security checks on other objects in the chain

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Unauthorised Object Owners	No violations found

Description:
Creates and alters databases

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	User present in Database creator Role	No violations found

Description:
These above mentioned roles have been created by the DBA.

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	User-defined Roles and Users	No violations found

Description:
The following table lists the users and the roles assigned to them. Review each user and its Role. Use the principle of assigning minimum permissions and ensure that each user has limited permissions to enable him to do his job.

CVE Reference No.: CVE-NO-MATCH

Solution:

Description:
Manages disk files.

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Users present in Diskadmin Role	No violations found

Description:
Manages processes running in an instance of SQL Server.

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Users present in Processadmin Role	No violations found

Description:
Manages server wide Security. Adds logins,users , can change passwords, grant and revoke privileges and roles.Only one user should be present in this role. If there are more than one user check the credentiality of those users and then revoke if needed.

CVE Reference No.: CVE-NO-MATCH

Severity	Parameter	Value
	Users present in securityadmin Role	No violations found