STIGQter: STIG Summary: Oracle WebLogic Server 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Oracle WebLogic Server 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:SV-235959r628655_rule
V-235959
SRG-APP-000123-AS-000083
WBLC-02-000100
CAT II
10
1. Access AC
2. From 'Domain Structure', select 'Security Realms'
3. Select realm to configure (default is 'myrealm')
4. Select 'Users and Groups' tab -> 'Users' tab
5. From 'Users' table, select a user that must not have audit tool configuration access
6. From users settings page, select 'Groups' tab
7. From the 'Chosen' table, use the shuttle buttons to remove the role - 'Admin'
8. Click 'Save'
9. Repeat steps 5-8 for all users that must not have audit tool configuration access
1. Access AC
2. From 'Domain Structure', select 'Security Realms'
3. Select realm to configure (default is 'myrealm')
4. Select 'Users and Groups' tab -> 'Users' tab
5. From 'Users' table, select a user that must not have audit tool configuration access
6. From users settings page, select 'Groups' tab
7. Ensure the 'Chosen' table does not contain the role - 'Admin'
8. Repeat steps 5-7 for all users that must not have audit tool configuration access
If any users that should not have access to the audit tools contains the role of 'Admin', this is a finding.
V-235959
False
WBLC-02-000100
1. Access AC
2. From 'Domain Structure', select 'Security Realms'
3. Select realm to configure (default is 'myrealm')
4. Select 'Users and Groups' tab -> 'Users' tab
5. From 'Users' table, select a user that must not have audit tool configuration access
6. From users settings page, select 'Groups' tab
7. Ensure the 'Chosen' table does not contain the role - 'Admin'
8. Repeat steps 5-7 for all users that must not have audit tool configuration access
If any users that should not have access to the audit tools contains the role of 'Admin', this is a finding.
M
5282