O121-BP-026500 - Remote administration must be disabled for the Oracle connection manager.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Remote administration provides a potential opportunity for malicious users to make unauthorized changes to the Connection Manager configuration or interrupt its service.

Solution

View the cman.ora file in the ORACLE_HOME/network/admin directory of the Connection Manager.

Include the following line in the file:

REMOTE_ADMIN = NO

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_12c_V3R1_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000366, Rule-ID|SV-219874r961863_rule, STIG-ID|O121-BP-026500, STIG-Legacy|SV-76023, STIG-Legacy|V-61533, Vuln-ID|V-219874

Plugin: Unix

Control ID: ec4a269a247ed150e2c29437466a9195b9f3ffe10e4e4f4cf32224eecaadc3a7