Information
The Oracle database EXECUTE_CATALOG_ROLE provides EXECUTE privileges for a number of packages and procedures in the data dictionary in the SYS schema. Unauthorized grantees should not have that role.
Rationale:
Permitting unauthorized access to the EXECUTE_CATALOG_ROLE can allow the disruption of operations by initialization of rogue procedures, this capability should be restricted according to the needs of the organization.
Solution
To remediate this setting, execute the following SQL statement, keeping in mind if this is granted in both container and pluggable database, you must connect to both places to revoke.
REVOKE EXECUTE_CATALOG_ROLE FROM <grantee>;