STIGQter STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The Oracle REMOTE_OS_ROLES parameter must be set to FALSE.

DISA Rule

SV-219831r533034_rule

Vulnerability Number

V-219831

Group Title

SRG-APP-000516-DB-000363

Rule Version

O121-BP-022000

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Document remote OS roles in the System Security Plan.

If not required, disable use of remote OS roles.

From SQL*Plus:

alter system set remote_os_roles = FALSE scope = spfile;

The above SQL*Plus command will set the parameter to take effect at next system startup.

Check Contents

From SQL*Plus:

select value from v$parameter where name = 'remote_os_roles';

If the returned value is not FALSE or not documented in the System Security Plan as required, this is a finding.

Vulnerability Number

V-219831

Documentable

False

Rule Version

O121-BP-022000

Severity Override Guidance

From SQL*Plus:

select value from v$parameter where name = 'remote_os_roles';

If the returned value is not FALSE or not documented in the System Security Plan as required, this is a finding.

Check Content Reference

M

Target Key

4059

Comments