Information
The QUIESCECONNECT role grants the authority to a user to access a database even in the quiesced state.
Rationale:
It is recommended that the QUIESCECONNECT role be granted to authorized users only.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
Connect to the Db2 database.
db2 => connect to <dbname>
Run the following command:
db2 => REVOKE QUIESCE_CONNECT ON DATABASE FROM USER <username>