STIGQter: STIG Summary: Oracle Database 11g Instance STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:

Replication accounts should not be granted DBA privileges.

DISA Rule

SV-24407r1_rule

Vulnerability Number

V-15619

Group Title

DBMS replication account privileges

Rule Version

DG0100-ORACLE11

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Restrict privileges assigned to replication accounts to the fewest possible privileges.

Remove DBA roles from replication accounts.

Create and use custom replication accounts assigned least privileges for supporting replication operations.

Check Contents

If a review of the System Security Plan confirms the use of replication is not required, not permitted and the database is not configured for replication, this check is Not a Finding.

If any replication accounts are assigned DBA roles or roles with DBA privileges, this is a Finding.

Vulnerability Number

V-15619

Documentable

False

Rule Version

DG0100-ORACLE11

Severity Override Guidance

If a review of the System Security Plan confirms the use of replication is not required, not permitted and the database is not configured for replication, this check is Not a Finding.

If any replication accounts are assigned DBA roles or roles with DBA privileges, this is a Finding.

Check Content Reference

M

Responsibility

Database Administrator

Target Key

1367

Comments