STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The DBMS must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).

DISA Rule

SV-220310r395859_rule

Vulnerability Number

V-220310

Group Title

SRG-APP-000148-DB-000103

Rule Version

O121-P2-012800

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Configure DBMS, OS and/or enterprise-level authentication/access mechanism to uniquely identify and authenticate all organizational users who log on to the system. Ensure that each user has a separate account from all other users.

Check Contents

Review DBMS settings, OS settings, and/or enterprise-level authentication/access mechanism settings, and site practices, to determine whether organizational users are uniquely identified and authenticated when logging on to the system.

If organizational users are not uniquely identified and authenticated, this is a finding.

Vulnerability Number

V-220310

Documentable

False

Rule Version

O121-P2-012800

Severity Override Guidance

Review DBMS settings, OS settings, and/or enterprise-level authentication/access mechanism settings, and site practices, to determine whether organizational users are uniquely identified and authenticated when logging on to the system.

If organizational users are not uniquely identified and authenticated, this is a finding.

Check Content Reference

M

Target Key

4059

Comments