The table(s) covered in this query are described by Oracle as follows: Contains administrative settings/preferences for ASE
Sensitive Access Risk Rule ID: SA190
Risk Description: This privilege allows a user to turn SSO configurations on or off. It allows a user to temporarily turn off SSO to allow for local logins. Someone with this ability to reset passwords could take over a local account. This is especially high risk where local users and their assigned roles aren't disabled / de-provisioned (which happens in many cases, given the assumption that SSO controls override the ability to log in locally). This privilege also allows a user to configure password settings and other critical security configurations.