SEI Idea Portal
A high vulnerability has been found within the CARDIOLABCCWPRD server. The finding is: a Public role has been granted permissions on the CARDDAS database.
We would like to have this permission database removed from the Public role. We would perform this remediation once GE determines it is safe to do so without impacting needed functionality.
It is a security recommendation from the HIPPA audit that Idera SQL Secure runs and they have called out the following:
"Security Check: Public Role Has Permissions on User Database Objects.
Determine whether the public database role has been granted permissions on user database objects.
Risk Level: High
Server is vulnerable if the public role has been granted permissions on user databases."
