Information
The SYSIBM.SYSPASSTHRUAUTH table contains the names of user or group that have pass-through authorization to query the data source. It is recommended that the PUBLIC role be restricted from accessing this table.
Rationale:
The ability to see which accounts have the pass-through privilege could allow an attacker to exploit these accounts to access another data source.
Solution
Perform the following to revoke access from PUBLIC.
Connect to the Db2 database.
db2 => connect to <dbname>
Run the following command:
db2 => REVOKE SELECT ON SYSIBM.SYSPASSTHRUAUTH FROM PUBLIC