Severity Framework
CCSS (Common Configuration Scoring System) is a set of measures used to determine the severity of the rule.
Snyk CCSS
Rule category
Each rule is associated with a high-level category. For example IAM, Container, Monitoring, Logging, Network, etc.
Data/ Databases
Is your environment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsFrameworks
CIS-AzureCIS-Controls
- Snyk IDSNYK-CC-00546
- creditSnyk Research Team
Description
New vulnerabilities may not be detected in a timely manner. This can leave the SQL server vulnerable to potential attack and exploitation.
How to fix?
Set properties.recurringScans.isEnabled to true.
Set recurring_scans.enabled to true. Attribute defaults to false.
Example Configuration
resource "azurerm_mssql_server_vulnerability_assessment" "allow" {
server_security_alert_policy_id = azurerm_mssql_server_security_alert_policy.example546.id
storage_container_path = "${azurerm_storage_account.example546.primary_blob_endpoint}${azurerm_storage_container.example546.name}/"
storage_account_access_key = azurerm_storage_account.example546.primary_access_key
recurring_scans {
enabled = true
email_subscription_admins = true
emails = [
"email@example1.com",
"email@example2.com"
]
}
}