O121-BP-026500 - Remote administration must be disabled for the Oracle connection manager.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Remote administration provides a potential opportunity for malicious users to make unauthorized changes to the Connection Manager configuration or interrupt its service.

Solution

View the cman.ora file in the ORACLE_HOME/network/admin directory of the Connection Manager.

Include the following line in the file:

REMOTE_ADMIN = NO

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_12c_V2R8_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000366, Rule-ID|SV-219874r879887_rule, STIG-ID|O121-BP-026500, STIG-Legacy|SV-76023, STIG-Legacy|V-61533, Vuln-ID|V-219874

Plugin: Unix

Control ID: 08e30a4247a63a7e2c1db2931ae29fab3fc50ead4be4974209648942720ab6ed