STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

OS accounts utilized to run external procedures called by the DBMS must have limited privileges.

DISA Rule

SV-238447r667515_rule

Vulnerability Number

V-238447

Group Title

SRG-APP-000141-DB-000093

Rule Version

O112-C2-004400

Severity

CAT II

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Limit privileges to DBMS-related OS accounts to those required to perform their DBMS specific functionality.

Check Contents

Determine which OS accounts are used by the DBMS to run external procedures. Validate that these OS accounts have only the privileges necessary to perform the required functionality. If any OS accounts, utilized by the database for running external procedures, have privileges beyond those required for running the external procedures, this is a finding.

System views providing privilege information are:
DBA_SYS_PRIVS
DBA_TAB_PRIVS
DBA_ROLE_PRIVS

Vulnerability Number

V-238447

Documentable

False

Rule Version

O112-C2-004400

Severity Override Guidance

Determine which OS accounts are used by the DBMS to run external procedures. Validate that these OS accounts have only the privileges necessary to perform the required functionality. If any OS accounts, utilized by the database for running external procedures, have privileges beyond those required for running the external procedures, this is a finding.

System views providing privilege information are:
DBA_SYS_PRIVS
DBA_TAB_PRIVS
DBA_ROLE_PRIVS

Check Content Reference

M

Target Key

4057

Comments