STIGQter STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide Version: 1 Release: 16 Benchmark Date: 24 Jan 2020: A DBMS utilizing Discretionary Access Control (DAC) must enforce a policy that includes or excludes access to the granularity of a single user.

DISA Rule

SV-76109r1_rule

Vulnerability Number

V-61619

Group Title

SRG-APP-000087-DB-000013

Rule Version

O121-C2-006700

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Modify DBMS settings to allow users to assign or revoke access rights to objects and information owned by the user. The ability to grant or revoke rights must include the ability to grant or revoke those rights down to the granularity of a single user.

(This is default Oracle behavior.)

Check Contents

Check DBMS settings and documentation to determine if users are able to assign and revoke rights to the objects and information they own. If users cannot assign or revoke rights to the objects and information they own to the granularity of a single user, this is a finding.

(This is default Oracle behavior.)

Vulnerability Number

V-61619

Documentable

False

Rule Version

O121-C2-006700

Severity Override Guidance

Check DBMS settings and documentation to determine if users are able to assign and revoke rights to the objects and information they own. If users cannot assign or revoke rights to the objects and information they own to the granularity of a single user, this is a finding.

(This is default Oracle behavior.)

Check Content Reference

M

Target Key

2679

Comments