STIGQter: STIG Summary: Oracle HTTP Server 12.1.3 Security Technical Implementation Guide Version: 1 Release: 7 Benchmark Date: 24 Jul 2020: STIGQter: STIG Summary: Oracle HTTP Server 12.1.3 Security Technical Implementation Guide Version: 1 Release: 7 Benchmark Date: 24 Jul 2020:SV-79167r1_rule
V-64677
SRG-APP-000516-WSR-000174
OH12-1X-000220
CAT II
10
1. Obtain the latest Fusion Middleware Patches applicable for Oracle HTTP Server from the My Oracle Support note associated with the latest Oracle CPU at http://www.oracle.com/technetwork/topics/security/alerts-086861.html#CriticalPatchUpdates.
2. Follow the instructions associated with each patch to successfully apply.
1. Obtain the list of patches that have been applied to OHS (e.g., $ORACLE_HOME/OPatch/opatch lsinventory).
2. In reviewing the list, also review the latest Oracle CPU at http://www.oracle.com/technetwork/topics/security/alerts-086861.html#CriticalPatchUpdates. Specifically, review the My Oracle Support note specified for Oracle Fusion Middleware to see whether there are patches available for Oracle HTTP Server 12.1.3.
3. If there are patches listed for Oracle HTTP Server 12.1.3 in the support note and they do not show in the list from Step 1 above, this is a finding.
V-64677
False
OH12-1X-000220
1. Obtain the list of patches that have been applied to OHS (e.g., $ORACLE_HOME/OPatch/opatch lsinventory).
2. In reviewing the list, also review the latest Oracle CPU at http://www.oracle.com/technetwork/topics/security/alerts-086861.html#CriticalPatchUpdates. Specifically, review the My Oracle Support note specified for Oracle Fusion Middleware to see whether there are patches available for Oracle HTTP Server 12.1.3.
3. If there are patches listed for Oracle HTTP Server 12.1.3 in the support note and they do not show in the list from Step 1 above, this is a finding.
M
2753