STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

Use of the DBMS software installation account must be restricted.

DISA Rule

SV-237745r667267_rule

Vulnerability Number

V-237745

Group Title

SRG-APP-000133-DB-000198

Rule Version

O121-OS-004600

Severity

CAT I

CCI(s)

• CCI-001499 - The organization limits privileges to change software resident within software libraries.

Weight

10

Fix Recommendation

Restrict interactive use of the DBMS software installation account to DBMS software installation, upgrade, and maintenance actions only.

If possible, disable installation accounts when authorized actions are not being performed. Otherwise, disable the use of the account(s) for interactive activity.

Check Contents

Review system documentation to identify the installation account.

Verify whether the account is used for anything involving interactive activity beyond DBMS software installation, upgrade, and maintenance actions.

If the account is used for anything involving interactive activity beyond DBMS software installation, upgrade, and maintenance actions, this is a finding.

Vulnerability Number

V-237745

Documentable

False

Rule Version

O121-OS-004600

Severity Override Guidance

Review system documentation to identify the installation account.

Verify whether the account is used for anything involving interactive activity beyond DBMS software installation, upgrade, and maintenance actions.

If the account is used for anything involving interactive activity beyond DBMS software installation, upgrade, and maintenance actions, this is a finding.

Check Content Reference

M

Target Key

4059

Comments