⚠️ Vulnerability Scanner

Database security vulnerability assessment

Critical

High

Medium

Low

Feb 22

Last Scan

🚨 Critical & High Vulnerabilities

CVE-2024-1234 - SQL Injection Risk

CRITICAL

Unparameterized dynamic SQL detected in stored procedure usp_SearchProducts. Allows potential SQL injection attacks.

📍 PROD-SQL-01🗄️ ECommerce.dbo.usp_SearchProducts📅 Found: Feb 20

Outdated TLS Version

CRITICAL

Server is accepting TLS 1.0 connections which is deprecated and vulnerable to POODLE attacks.

📍 LEGACY-SQL-01🔒 Network Configuration📅 Found: Feb 18

Missing Encryption - TDE Not Enabled

HIGH

Transparent Data Encryption is not enabled on database containing PII data.

📍 PROD-SQL-02🗄️ CustomerData📅 Found: Feb 15

Weak Password Policy

MEDIUM

Password policy allows passwords shorter than 12 characters.

📍 All Servers👥 Security Policy📅 Found: Feb 10

PROD-SQL-013 issues

PROD-SQL-022 issues

LEGACY-SQL-015 issues

ORACLE-HR2 issues

AZURE-SQL0 issues

pg-prod1 issue