DG0105-ORACLE11 - DBMS application user roles should not be assigned unauthorized privileges.

Information

Unauthorized access to the data can lead to loss of confidentiality and integrity of the data.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Use the grant and revoke commands to assign the authorized privileges as listed in the System Security Plan to custom database application or application user roles.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-24705r1_rule, STIG-ID|DG0105-ORACLE11, Vuln-ID|V-15128

Plugin: OracleDB

Control ID: 533d67423db38a8507150d09414598259ac3ea70c02072356295813e467ae798