Information
The SYSIBM.SYSINDEXAUTH table contains a list of users or groups that have CONTROL access on an index. It is recommended that the PUBLIC role be restricted from accessing this table.
Rationale:
The list of all users with access to an index should not be exposed to the public.
Solution
Revoke access from PUBLIC.
Connect to the Db2 database.
db2 => connect to <dbname>
Run the following command:
db2 => REVOKE SELECT ON SYSIBM.SYSINDEXAUTH FROM PUBLIC