STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 1 Release: 17 Benchmark Date: 24 Jan 2020: Access to default accounts used to support replication must be restricted to authorized DBAs.

DISA Rule

SV-68201r1_rule

Vulnerability Number

V-53961

Group Title

SRG-APP-000516-DB-999900

Rule Version

O112-BP-021200

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Change the password for default and custom replication accounts and provide the password to IAO-authorized users only.

Check Contents

From SQL*Plus:

select 'The number of replication objects defined is: '||
count(*) from all_tables
where table_name like 'REPCAT%';

If the count returned is 0, then Oracle Replication is not installed and this check is Not a Finding.

Otherwise:

From SQL*Plus:

select count(*) from sys.dba_repcatlog;

If the count returned is 0, then Oracle Replication is not in use and this check is Not a Finding.

If the count returned is greater than 0, ask the IAO or DBA whether the replication account (the default is REPADMIN, but it may be customized) is restricted to IAO-authorized personnel only.

If it is not, this is a Finding.

If there are multiple replication accounts, confirm that all are justified and documented with the IAO.

If they are not, this is a Finding.
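The two queries above decide the automated part of this check; the final step is a manual determination with the IAO or DBA. The following SQL*Plus script is an added example, not part of the STIG text, that runs both steps in order and prints a status, then pulls the account evidence a reviewer would bring to that conversation. It reads sys.dba_repcatlog through dynamic SQL so the block still compiles on a database where replication was never installed (a static reference would fail with ORA-00942 before the first count is even printed). The account name list at the end is an assumption: REPADMIN is the documented default, and a site that uses custom replication accounts must add them.

```sql
-- Added example (not from the STIG): O112-BP-021200 check walked end to end in SQL*Plus.
SET SERVEROUTPUT ON SIZE UNLIMITED
SET LINESIZE 200

DECLARE
  v_repcat_objs  NUMBER;
  v_repcat_log   NUMBER;
BEGIN
  -- Step 1 (from the check): is Oracle Replication installed at all?
  SELECT COUNT(*) INTO v_repcat_objs
    FROM all_tables
   WHERE table_name LIKE 'REPCAT%';
  DBMS_OUTPUT.PUT_LINE('The number of replication objects defined is: ' || v_repcat_objs);

  IF v_repcat_objs = 0 THEN
    DBMS_OUTPUT.PUT_LINE('O112-BP-021200: Not a Finding (replication not installed)');
    RETURN;
  END IF;

  -- Step 2 (from the check): is replication actually in use?
  -- Dynamic SQL: sys.dba_repcatlog only exists when replication is installed,
  -- and a static reference would make this whole block fail to compile.
  EXECUTE IMMEDIATE 'SELECT COUNT(*) FROM sys.dba_repcatlog' INTO v_repcat_log;
  DBMS_OUTPUT.PUT_LINE('Rows in sys.dba_repcatlog: ' || v_repcat_log);

  IF v_repcat_log = 0 THEN
    DBMS_OUTPUT.PUT_LINE('O112-BP-021200: Not a Finding (replication not in use)');
    RETURN;
  END IF;

  -- Step 3 cannot be automated: the reviewer must confirm with the IAO/DBA
  -- that the replication account(s) are restricted to authorized personnel
  -- and that every additional account is justified and documented.
  DBMS_OUTPUT.PUT_LINE('O112-BP-021200: MANUAL REVIEW REQUIRED - confirm account restriction with IAO/DBA');
END;
/

-- Evidence for the manual step: state of the replication account(s).
-- REPADMIN is the default; the IN list is an assumption and must be extended
-- with any custom replication account names used at the site.
SELECT username, account_status, lock_date, expiry_date, profile
  FROM dba_users
 WHERE username IN ('REPADMIN')
 ORDER BY username;
```

Run it as a user who can read the DBA_ views (for example, a DBA account under SQL*Plus). An OPEN account with no recent lock or expiry is not itself a finding; the finding is decided by whether the IAO has restricted and documented who holds the password, which is what the printed status line tells the reviewer to go and confirm.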

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

2669

Comments