DG0191-ORACLE11 - Credentials used to access remote databases should be protected by encryption and restricted to authorized users - '$ORACLE_HOME/network/admin/sqlnet.ora WALLET_LOCATION does not exist'

Information

Access to database connection credential stores provides easy access to the database. Unauthorized access to the database can result without controls in place to prevent unauthorized access to the credentials.

Solution

Consider alternate methods for database connections to avoid custom storage of local connection credentials.

Develop and document use of locally stored credentials and their authorized use and access in the System Security Plan.

Restrict access and use of the credentials to authorized users using host file permissions and any other available method to restrict access.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5h., CAT|II, Rule-ID|SV-24835r1_rule, STIG-ID|DG0191-ORACLE11, Vuln-ID|V-15659

Plugin: Unix

Control ID: 76463f81794ac004eea6a51c640ad7278eebc4afdc1025900d1e94d614a2294c