STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The DBMS must separate user functionality (including user interface services) from database management functionality.

DISA Rule

SV-219796r397711_rule

Vulnerability Number

V-219796

Group Title

SRG-APP-000211-DB-000122

Rule Version

O112-P2-017300

Severity

CAT II

CCI(s)

• CCI-001082 - The information system separates user functionality (including user interface services) from information system management functionality.

Weight

10

Fix Recommendation

Configure DBMS settings to separate database administration and general user functionality. Provide those who have both administrative and general-user responsibilities with separate accounts for these separate functions.

Check Contents

Check DBMS settings and vendor documentation to verify administrative functionality is separate from user functionality. If administrator and general user functionality is not separated either physically or logically, this is a finding.

Vulnerability Number

V-219796

Documentable

False

Rule Version

O112-P2-017300

Severity Override Guidance

Check DBMS settings and vendor documentation to verify administrative functionality is separate from user functionality. If administrator and general user functionality is not separated either physically or logically, this is a finding.

Check Content Reference

M

Target Key

4057

Comments