TF 0127 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Ensure that logging of lock waits is enabled.

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | medium |
| Service | sql |
| Provider | Google |
| Vulnerability Type | omission |

Description

Lock wait logging is disabled for the Google Cloud SQL PostgreSQL instance, preventing the system from recording events where database operations are blocked waiting for locks. This omission makes it difficult to detect and analyze performance bottlenecks or suspicious activity related to resource contention.

Impact

Without lock wait logs, administrators may miss signs of performance degradation or denial-of-service conditions caused by excessive locking. This can allow attackers or misbehaving applications to degrade service availability undetected, potentially leading to prolonged outages or security incidents.

Resolution

Enable lock wait logging.
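
The following Terraform is an added example, not taken from the original page or the project. It shows a Cloud SQL PostgreSQL instance without lock wait logging next to one that enables it through the `log_lock_waits` database flag. Resource names, region, tier and PostgreSQL version are placeholder assumptions.

```hcl
# Added example. Names, region, tier and version are placeholders.

# Non-compliant: no log_lock_waits flag is declared, so PostgreSQL keeps
# its default (off) and blocked sessions are never written to the log.
# Declaring the flag with value = "off" is equally non-compliant.
resource "google_sql_database_instance" "without_lock_wait_logging" {
  name             = "example-pg-no-lock-logs"
  database_version = "POSTGRES_15"
  region           = "us-central1"

  settings {
    tier = "db-custom-1-3840"
  }
}

# Compliant: log_lock_waits is explicitly set to "on".
# PostgreSQL then logs a message whenever a session waits longer than
# deadlock_timeout (1s by default) to acquire a lock.
resource "google_sql_database_instance" "with_lock_wait_logging" {
  name             = "example-pg-lock-logs"
  database_version = "POSTGRES_15"
  region           = "us-central1"

  settings {
    tier = "db-custom-1-3840"

    database_flags {
      name  = "log_lock_waits"
      value = "on"
    }
  }
}
```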