Information
Grants the authority to access data. The DATAACCESS authority allows the grantee to leverage DML level commands i.e. SELECT, INSERT, UPDATE, DELETE, LOAD, and EXECUTE any package or routine. The DATAACCESS authority cannot be granted to PUBLIC.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
1. Revoke DATAACCESS authority from any unauthorized users.
REVOKE DATAACCESS ON DATABASE FROM USER <username>