STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:

Remote administration should be disabled for the Oracle connection manager.

DISA Rule

SV-24955r1_rule

Vulnerability Number

V-16032

Group Title

Connection Manager remote administration

Rule Version

DO6747-ORACLE11

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

View the cman.ora file in the ORACLE_HOME/network/admin directory of the Connection Manager.

Include the following line in the file:

REMOTE_ADMIN = NO

Check Contents

View the cman.ora file in the ORACLE_HOME/network/admin directory.

If the file does not exist, the database is not accessed via Oracle Connection Manager and this check is Not a Finding.

If the entry and value for REMOTE_ADMIN is not listed or is not set to a value of NO (REMOTE_ADMIN = NO), this is a Finding.

Vulnerability Number

V-16032

Documentable

False

Rule Version

DO6747-ORACLE11

Severity Override Guidance

View the cman.ora file in the ORACLE_HOME/network/admin directory.

If the file does not exist, the database is not accessed via Oracle Connection Manager and this check is Not a Finding.

If the entry and value for REMOTE_ADMIN is not listed or is not set to a value of NO (REMOTE_ADMIN = NO), this is a Finding.

Check Content Reference

M

Responsibility

Database Administrator

Target Key

1368

Comments