4.11 Ensure that row-access policies are configured for sensitive data

Information

Row access policies are used to determine which rows to return in the query result. Row access policies can include conditions and functions in the policy expression to transform the data at query runtime when those conditions are met.

Row-access policy is a fine-grained access control used to protect table and view rows with special access requirements from unauthorized access at query time. It can be used to control access to certain data rows even if a user has access to query a table or view.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Identify rows with special access requirements across all account tables and views and apply appropriate row access policies following steps described in the Using Row Access Policies documentation.
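A sketch of what applying and then auditing such a policy can look like in Snowflake SQL. This is an added example, not taken from the CIS benchmark or the plugin output. The database, schema, table, column and role names (`governance.policies`, `sales.public.orders`, `region_entitlements`, `SALES_ADMIN`, `REGIONAL_ANALYST`) are assumptions chosen for illustration.

```sql
-- Mapping table (hypothetical): which role may see which region's rows.
CREATE TABLE IF NOT EXISTS governance.policies.region_entitlements (
    role_name VARCHAR,
    region    VARCHAR
);

-- The policy body is evaluated per row at query time and must return BOOLEAN.
-- A row is returned only when the expression is TRUE for the querying role.
CREATE OR REPLACE ROW ACCESS POLICY governance.policies.orders_region_policy
  AS (order_region VARCHAR) RETURNS BOOLEAN ->
    CURRENT_ROLE() = 'SALES_ADMIN'
    OR EXISTS (
        SELECT 1
        FROM governance.policies.region_entitlements e
        WHERE e.role_name = CURRENT_ROLE()
          AND e.region    = order_region
    );

-- Attach the policy to the table, binding the policy argument to a column.
ALTER TABLE sales.public.orders
  ADD ROW ACCESS POLICY governance.policies.orders_region_policy
  ON (region);

-- Check the effect as a role that existing workflows run under, so that
-- jobs expecting every row are found before they break (see Impact).
USE ROLE REGIONAL_ANALYST;
SELECT region, COUNT(*) AS visible_rows
FROM sales.public.orders
GROUP BY region;

-- Audit: list every table or view that has a row access policy attached.
-- ACCOUNT_USAGE views are populated with some latency, so a policy that
-- was just attached may not appear here immediately.
SELECT policy_db,
       policy_schema,
       policy_name,
       ref_database_name,
       ref_schema_name,
       ref_entity_name,
       ref_entity_domain
FROM snowflake.account_usage.policy_references
WHERE policy_kind = 'ROW_ACCESS_POLICY'
ORDER BY ref_database_name, ref_schema_name, ref_entity_name;
```

Comparing the audit query's output against an inventory of tables and views known to hold sensitive rows shows which of them still have no policy attached.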

Impact:

Manual and automated workflows relying on having access to all rows in a table or view may be broken unless updated prior to application of a row access policy.

See Also

https://workbench.cisecurity.org/benchmarks/14781

Item Details

Category: AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AU-11, 800-53|SI-12

Plugin: Snowflake

Control ID: bbf851cf5806ff123cb984e2ff765083f5f7283bd172eef43c10900c5faf0114