Skip to content

Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0'

Description

Enabling Ad Hoc Distributed Queries allows users to query data and execute statements on external data sources. This functionality should be disabled.

Rationale

This feature can be used to remotely access and exploit vulnerabilities on remote SQL Server instances and to run unsafe Visual Basic for Application functions.

Applies To

  • Databases

Tags

This rule is applied when the following tags are present:

Tag With Value
secureclouddb/provider aws
secureclouddb/service rds
secureclouddb/engine sqlserver

Default Rule

const { checkServerSetting } = module
/**
 * @param {Object} databaseSettings - database settings object
 * @returns {boolean} true if 'Ad Hoc Distributed Queries' is set to 0
 */
function validate(databaseSettings) {
    const success = checkServerSetting(databaseSettings, 'Ad Hoc Distributed Queries', "0")

    return {
        success,
    }
}

validate(databaseSettings)