STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The DBMS must employ strong identification and authentication techniques when establishing nonlocal maintenance and diagnostic sessions.

DISA Rule

SV-237737r667243_rule

Vulnerability Number

V-237737

Group Title

SRG-APP-000516-DB-000363

Rule Version

O121-C2-016100

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure DBMS settings to use strong identification and authentication techniques for nonlocal maintenance and diagnostic sessions.

Check Contents

Review DBMS settings to determine whether strong identification and authentication techniques are required for nonlocal maintenance and diagnostic sessions.

If strong identification and authentication techniques are not required, this is a finding.

Vulnerability Number

V-237737

Documentable

False

Rule Version

O121-C2-016100

Severity Override Guidance

Review DBMS settings to determine whether strong identification and authentication techniques are required for nonlocal maintenance and diagnostic sessions.

If strong identification and authentication techniques are not required, this is a finding.

Check Content Reference

M

Target Key

4059

Comments