STIGQter STIGQter: STIG Summary: Oracle WebLogic Server 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

Oracle WebLogic must be managed through a centralized enterprise tool.

DISA Rule

SV-235998r628772_rule

Vulnerability Number

V-235998

Group Title

SRG-APP-000516-AS-000237

Rule Version

WBLC-10-000271

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Install a tool such as Oracle Enterprise Manager, to handle enterprise functionality such as automated failover, rollback and patching of Oracle WebLogic.

Check Contents

Review the Oracle WebLogic configuration to determine if a tool, such as Oracle Enterprise Manager, is in place to centrally manage enterprise functionality needed for Oracle WebLogic. If a tool is not in place to centrally manage enterprise functionality, this is a finding.

Vulnerability Number

V-235998

Documentable

False

Rule Version

WBLC-10-000271

Severity Override Guidance

Review the Oracle WebLogic configuration to determine if a tool, such as Oracle Enterprise Manager, is in place to centrally manage enterprise functionality needed for Oracle WebLogic. If a tool is not in place to centrally manage enterprise functionality, this is a finding.

Check Content Reference

M

Target Key

5282

Comments