STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The DBMS must separate user functionality (including user interface services) from database management functionality.

DISA Rule

SV-220312r397711_rule

Vulnerability Number

V-220312

Group Title

SRG-APP-000211-DB-000122

Rule Version

O121-P2-017300

Severity

CAT II

CCI(s)

• CCI-001082 - The information system separates user functionality (including user interface services) from information system management functionality.

Weight

10

Fix Recommendation

Configure DBMS settings to separate database administration and general user functionality. Provide those who have both administrative and general-user responsibilities with separate accounts for these separate functions.

Check Contents

Check DBMS settings and vendor documentation to verify administrative functionality is separate from user functionality.

If administrator and general user functionality is not separated either physically or logically, this is a finding.

Vulnerability Number

V-220312

Documentable

False

Rule Version

O121-P2-017300

Severity Override Guidance

Check DBMS settings and vendor documentation to verify administrative functionality is separate from user functionality.

If administrator and general user functionality is not separated either physically or logically, this is a finding.

Check Content Reference

M

Target Key

4059

Comments