Azure MI Vulnerabilities VA1283, VA1046, VA1054

Praveenraj R K 61 Reputation points Microsoft Employee
2023-03-08T17:01:30.5933333+00:00

Hi Team,

I got below Vulnerabilities for the Azure SQL Managed Instance. Could you please provide the remediation for the VA ?

VA1283 - There should be at least 1 active audit in the system

VA1046 - CHECK_POLICY should be enabled for all SQL logins

VA1054 - Excessive permissions should not be granted to PUBLIC role on objects or columns

Azure SQL Database
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Alberto Morillo 34,671 Reputation points MVP Volunteer Moderator
    2023-03-08T19:37:44.6233333+00:00

    My suggestions:

    To remediate VA1283 please create an active audit like this one.

    For VA1046, please enabled the CHECK_POLICY option for all SQL logins where it can be applied then save as baseline.

    Finally, for VA1054 the rule gives the permissions having issues with the Public role. Examine the remediation script the rule gives you and run it if you agree with it. See below image

    SSMS Vulnerability Assessment report - remediation script

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.