STIGQter STIGQter: STIG Summary: Oracle Database 11g Instance STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:

The Oracle O7_DICTIONARY_ACCESSIBILITY parameter should be set to FALSE.

DISA Rule

SV-24937r2_rule

Vulnerability Number

V-2586

Group Title

Oracle O7_DICTIONARY_ACCESSIBILITY parameter

Rule Version

DO3685-ORACLE11

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Disable O7_dictionary_accessibility to restrict access to system tables to users granted privileges to access objects owned by all users.

From SQL*Plus:

alter system set O7_dictionary_accessibility = FALSE scope = spfile;

The above SQL*Plus command will set the parameter to take effect at next system startup.

Check Contents

From SQL*Plus:

select value from v$parameter where name = 'O7_dictionary_accessibility';

If the value returned is TRUE, this is a Finding.

If the parameter does not exist or the value returned is FALSE, this is Not a Finding.

Vulnerability Number

V-2586

Documentable

False

Rule Version

DO3685-ORACLE11

Severity Override Guidance

From SQL*Plus:

select value from v$parameter where name = 'O7_dictionary_accessibility';

If the value returned is TRUE, this is a Finding.

If the parameter does not exist or the value returned is FALSE, this is Not a Finding.

Check Content Reference

M

Responsibility

Database Administrator

Target Key

1367

Comments