4.5 Ensure 'SYS.USER$MIG' Has Been Dropped

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The table sys.user$mig is created during migration and contains the Oracle password hashes before the migration starts. This table should be dropped.

Rationale:

The table sys.user$mig is not deleted after the migration. An attacker could access the table containing the Oracle password hashes.

Solution

To remediate this setting, execute the following SQL statement, keeping in mind if this is granted in both container and pluggable database, you must connect to both places to revoke.

DROP TABLE SYS.USER$MIG;

See Also

https://workbench.cisecurity.org/files/2868