O121-BP-026600 - Network client connections must be restricted to supported versions - SQLNET.ALLOWED_LOGON_VERSION_CLIENT

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Unsupported Oracle network client installations may introduce vulnerabilities to the database. Restriction to use of supported versions helps to protect the database and helps to enforce newer, more robust security controls.

Solution

Edit the SQLNET.ORA file to add or edit the entries:

SQLNET.ALLOWED_LOGON_VERSION_SERVER = 12
SQLNET.ALLOWED_LOGON_VERSION_CLIENT = 12

Set the value to 12 or higher.
Valid values for SQLNET.ALLOWED_LOGON_VERSION_SERVER are: 12 and 12a

Valid values for SQLNET.ALLOWED_LOGON_VERSION_CLIENT are: 12 and 12a

For more information on sqlnet.ora parameters refer to the following document:
'Database Net Services Reference'
http://docs.oracle.com/database/121/NETRF/sqlnet.htm#NETRF006

For more information on configuring authentication refer to the following document:
'Oracle Database 12C Password Version Configuration Guidelines'
https://docs.oracle.com/database/121/DBSEG/authentication.htm#GUID-E6EE45DD-1E3B-4028-B8DE-65D6AA373821

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_12c_V2R3_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CAT|II, CCI|CCI-000366, Rule-ID|SV-219875r401224_rule, STIG-ID|O121-BP-026600, STIG-Legacy|SV-76025, STIG-Legacy|V-61535, Vuln-ID|V-219875

Plugin: Unix

Control ID: f0abe5a04343bd22272742c49ab46c17689520d9b6275c1b7b2f3d72b8df721d