Hi Experts,
Our customer has conducted a security check, and there are points related to SQL Server on CommServe.
The issue is that the role of the SQL Server DBA account is set to Public.
224 public sp_MSalreadyhavegeneration
224 public sp_MSwritemergeperfcounter
224 public sp_replsetsyncstatus
224 public sp_replshowcmds
224 public sp_publishdb
224 public sp_addqueued_artinfo
224 public sp_replcounters
...and many more
Regarding CommServe security, I looked at the CommServe Hardening.pdf whitepaper document, but could not find anything related to public roles.
(Title: CommServe Component Security)
Is there any problem if I revoke this public role?
Or should these be kept public?
Best Regards
Kim KK
Best answer by Prashanth Jayaram
View original