Skip to content

Commit 2a85ca6

Browse files
VanMSFTVanMSFT
committed
testing nobr
1 parent b2d113f commit 2a85ca6

File tree

1 file changed

+95
-6
lines changed

1 file changed

+95
-6
lines changed

articles/sql-database/sql-database-vulnerability-assessment-rules.md

Lines changed: 95 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ description: "List of rule titles and descriptions"
44
services: sql-database
55
ms.service: sql-database
66
ms.subservice: security
7-
ms.topic: conceptual
7+
ms.topic: reference
88
author: VanMSFT
99
ms.author: vanto
1010
ms.reviewer: vanto
@@ -19,9 +19,98 @@ The rules shown in your database scans depend on the SQL version and platform th
1919

2020
To learn about how to implement Vulnerability Assessment on SQL Databases see [Implement Vulnerability Assessment](https://docs.microsoft.com/azure/sql-database/sql-vulnerability-assessment#implementing-vulnerability-assessment).
2121

22+
## Rules
2223

23-
>[!div class="mx-tdCol3BreakAll"]
24-
>|Rule Id |Rule Title |Rule Category |Rule Severity |Rule Description |Platform |
25-
>|---------|---------|---------|---------|---------|---------|
26-
>| VA1017 |Execute permissions on xp_cmdshell from all users (except dbo) should be revoked |AuthenticationAndAuthorization |High |The xp_cmdshell extended stored procedure spawns a Windows command shell |SQLServer2012 and above |
27-
>| VA1018 |Latest updates should be installed |InstallationUpdatesAndPatches |High |Microsoft periodically releases Cumulative Updates (CUs) for each version of SQL Server. This rule checks whether the latest CU has been installed for the particular version of SQL Server being used, by passing in a string for execution. This rule checks that all users (except dbo) do not have permission to execute the xp_cmdshell extended stored procedure. |SQLServer2005</br>SQLServer2008</br>SQLServer2008R2</br>SQLServer2012</br>SQLServer2014</br>SQLServer2016</br>SQLServer2017</br>|
24+
|Rule Id |Rule Title |Rule Category |Rule Severity |Rule Description |Platform |
25+
|---------|---------|---------|---------|---------|---------|
26+
| VA1017 |Execute permissions on xp_cmdshell from all users (except dbo) should be revoked |AuthenticationAndAuthorization |High |The xp_cmdshell extended stored procedure spawns a Windows command shell |</nobr>SQL Server 2012 </br>and above |
27+
| VA1018 |Latest updates should be installed |InstallationUpdatesAndPatches |High |Microsoft periodically releases Cumulative Updates (CUs) for each version of SQL Server. This rule checks whether the latest CU has been installed for the particular version of SQL Server being used, by passing in a string for execution. This rule checks that all users (except dbo) do not have permission to execute the xp_cmdshell extended stored procedure. |</nobr>SQL Server 2005</br>SQL Server 2008</br><nobr>SQL Server 2008R2</nobr></br>SQL Server 2012</br>SQL Server 2014</br>SQL Server 2016</br>SQL Server 2017</br>|
28+
|VA1020 |Database user GUEST should not be a member of any role |AuthenticationAndAuthorization |High |The guest user permits access to a database for any logins that are not mapped to a specific database user. This rule checks that no database roles are assigned to the Guest user. |<nobr/>SQL Server 2012 </br>and above |
29+
|VA1021 |Global temporary stored procedures should be removed |DataProtection |High |A global temporary stored procedure is visible to all sessions and is dropped when the session of the user that created it is closed. This rule checks that there are no global stored procedures. |<nobr/>SQL Server 2012 </br>and above |
30+
|Row5 | | | | | |
31+
|Row6 | | | | | |
32+
|Row7 | | | | | |
33+
|Row8 | | | | | |
34+
|Row9 | | | | | |
35+
|Row10 | | | | | |
36+
|Row11 | | | | | |
37+
|Row12 | | | | | |
38+
|Row13 | | | | | |
39+
|Row14 | | | | | |
40+
|Row15 | | | | | |
41+
|Row16 | | | | | |
42+
|Row17 | | | | | |
43+
|Row18 | | | | | |
44+
|Row19 | | | | | |
45+
|Row20 | | | | | |
46+
|Row21 | | | | | |
47+
|Row22 | | | | | |
48+
|Row23 | | | | | |
49+
|Row24 | | | | | |
50+
|Row25 | | | | | |
51+
|Row26 | | | | | |
52+
|Row27 | | | | | |
53+
|Row28 | | | | | |
54+
|Row29 | | | | | |
55+
|Row30 | | | | | |
56+
|Row31 | | | | | |
57+
|Row32 | | | | | |
58+
|Row33 | | | | | |
59+
|Row34 | | | | | |
60+
|Row35 | | | | | |
61+
|Row36 | | | | | |
62+
|Row37 | | | | | |
63+
|Row38 | | | | | |
64+
|Row39 | | | | | |
65+
|Row40 | | | | | |
66+
|Row41 | | | | | |
67+
|Row42 | | | | | |
68+
|Row43 | | | | | |
69+
|Row44 | | | | | |
70+
|Row45 | | | | | |
71+
|Row46 | | | | | |
72+
|Row47 | | | | | |
73+
|Row48 | | | | | |
74+
|Row49 | | | | | |
75+
|Row50 | | | | | |
76+
|Row10 | | | | | |
77+
|Row11 | | | | | |
78+
|Row12 | | | | | |
79+
|Row13 | | | | | |
80+
|Row14 | | | | | |
81+
|Row15 | | | | | |
82+
|Row16 | | | | | |
83+
|Row17 | | | | | |
84+
|Row18 | | | | | |
85+
|Row19 | | | | | |
86+
|Row20 | | | | | |
87+
|Row21 | | | | | |
88+
|Row22 | | | | | |
89+
|Row23 | | | | | |
90+
|Row24 | | | | | |
91+
|Row25 | | | | | |
92+
|Row26 | | | | | |
93+
|Row27 | | | | | |
94+
|Row28 | | | | | |
95+
|Row29 | | | | | |
96+
|Row30 | | | | | |
97+
|Row31 | | | | | |
98+
|Row32 | | | | | |
99+
|Row33 | | | | | |
100+
|Row34 | | | | | |
101+
|Row35 | | | | | |
102+
|Row36 | | | | | |
103+
|Row37 | | | | | |
104+
|Row38 | | | | | |
105+
|Row39 | | | | | |
106+
|Row40 | | | | | |
107+
|Row41 | | | | | |
108+
|Row42 | | | | | |
109+
|Row43 | | | | | |
110+
|Row44 | | | | | |
111+
|Row45 | | | | | |
112+
|Row46 | | | | | |
113+
|Row47 | | | | | |
114+
|Row48 | | | | | |
115+
|Row49 | | | | | |
116+
|Row50 | | | | | |

0 commit comments

Comments
 (0)