STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to CA IDMS Security Technical Implementation Guide

V-251625

CAT II (Medium)

Custom database code and associated application code must not contain information beyond what is needed for troubleshooting.

Rule ID

SV-251625r961167_rule

STIG

CA IDMS Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-001312

Discussion

Error codes issued by custom code could provide more information than needed for problem resolution and should be vetted to make sure this does not occur.

Check Content

Check custom database code to verify that error messages do not contain information beyond what is needed for troubleshooting the issue.

If database errors contain PII data, sensitive business data, or information useful for identifying the host system or database structure, this is a finding.

Fix Text

Configure custom database code, and associated application code not to divulge sensitive information or information useful for system identification in error messages.