STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:

The DBMS should not have a connection defined to access or be accessed by a DBMS at a different classification level.

DISA Rule

SV-25075r1_rule

Vulnerability Number

V-15656

Group Title

DBMS interconnections

Rule Version

DG0171-ORACLE11

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Disassociate or remove connection definitions to remote systems of differing classification levels.

Check Contents

Review database links or other connections defined for the database to access or be accessed by remote databases or other applications as defined in the AIS Functional Architecture documentation or the System Security Plan.

If any interconnections show differences in the DBMS and remote system classification levels, this is a Finding.

Vulnerability Number

V-15656

Documentable

False

Rule Version

DG0171-ORACLE11

Severity Override Guidance

Review database links or other connections defined for the database to access or be accessed by remote databases or other applications as defined in the AIS Functional Architecture documentation or the System Security Plan.

If any interconnections show differences in the DBMS and remote system classification levels, this is a Finding.

Check Content Reference

M

Responsibility

Database Administrator

Target Key

1368

Comments