STIGQter: STIG Summary: Oracle WebLogic Server 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

Oracle WebLogic must be integrated with a tool to implement multi-factor user authentication.

DISA Rule

SV-235999r628775_rule

Vulnerability Number

V-235999

Group Title

SRG-APP-000516-AS-000237

Rule Version

WBLC-10-000272

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Install a tool, such as Oracle Access Manager, to handle multi-factor authentication of users.

Check Contents

Review the WebLogic configuration to determine if a tool, such as Oracle Access Manager, is in place to implement multi-factor authentication for the users. If a tool is not in place to implement multi-factor authentication, this is a finding.

Vulnerability Number

V-235999

Documentable

False

Rule Version

WBLC-10-000272

Severity Override Guidance

Check Content Reference

Target Key

5282

Oracle WebLogic must be integrated with a tool to implement multi-factor user authentication.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments