STIGQter: STIG Summary: Oracle WebLogic Server 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

Oracle WebLogic must be integrated with a tool to monitor audit subsystem failure notification information that is sent out (e.g., the recipients of the message and the nature of the failure).

DISA Rule

SV-235997r628769_rule

Vulnerability Number

V-235997

Group Title

SRG-APP-000516-AS-000237

Rule Version

WBLC-10-000270

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Install a tool, such as Oracle Diagnostics Framework, to monitor audit subsystem failure notification information.

Check Contents

Review the configuration of Oracle WebLogic to determine if a tool, such as Oracle Diagnostic Framework, is in place to monitor audit subsystem failure notification information that is sent out.

If a tool is not in place to monitor audit subsystem failure notification information that is sent, this is a finding.

Vulnerability Number

V-235997

Documentable

False

Rule Version

WBLC-10-000270

Severity Override Guidance

Check Content Reference

Target Key

5282

Oracle WebLogic must be integrated with a tool to monitor audit subsystem failure notification information that is sent out (e.g., the recipients of the message and the nature of the failure).

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments