TF 0038 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Temporary file logging should be enabled for all temporary files.

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | medium |
| Service | sql |
| Provider | Google |
| Vulnerability Type | omission |

Description

The configuration does not enable logging for temporary files in Google Cloud SQL for PostgreSQL, or only logs files above a certain size. As a result, temporary file activity is not fully captured in logs, reducing visibility into database operations.

Impact

Lack of comprehensive temporary file logging can hinder detection of suspicious or malicious activity, such as large or unexpected queries, making it harder to investigate security incidents or performance issues. This could allow attackers to exploit the database without leaving adequate audit trails.

Resolution

Enable temporary file logging for all files.
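
The weak setting beside the corrected one, as an added example that is not part of the original wiki page or the project's rule code. It uses the PostgreSQL `log_temp_files` flag, where `0` logs every temporary file, a positive value logs only files of at least that many kilobytes, and `-1` (the PostgreSQL default) disables the logging. Resource labels, instance names, region, tier and database version are assumptions chosen for illustration.

```terraform
# Non-compliant: only temporary files of 4096 kB or more are logged,
# so smaller temp-file activity never reaches the logs.
# Omitting the flag entirely is also non-compliant, because the
# PostgreSQL default (-1) disables temporary file logging.
resource "google_sql_database_instance" "pg_weak" {
  name             = "example-pg-weak" # hypothetical instance name
  database_version = "POSTGRES_15"     # assumed version
  region           = "us-central1"     # assumed region

  settings {
    tier = "db-custom-1-3840" # assumed machine tier

    database_flags {
      name  = "log_temp_files"
      value = "4096" # size threshold in kB: smaller files are not logged
    }
  }
}

# Compliant: a threshold of 0 logs every temporary file, whatever its size.
resource "google_sql_database_instance" "pg_hardened" {
  name             = "example-pg-hardened" # hypothetical instance name
  database_version = "POSTGRES_15"         # assumed version
  region           = "us-central1"         # assumed region

  settings {
    tier = "db-custom-1-3840" # assumed machine tier

    database_flags {
      name  = "log_temp_files"
      value = "0" # log all temporary files
    }
  }
}
```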