Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-15631 | DG0123-ORACLE10 | SV-24770r1_rule | ECAN-1 | Medium |
Description |
---|
System tables and DBA views contain information such as user, system and data that could lead to unauthorized access. Revoke any privileges granted to non-DBA accounts that provide direct access to objects owned by SYS or access to DBA views (DBA_%). |
STIG | Date |
---|---|
Oracle 10 Database Instance STIG | 2014-01-14 |
Check Text ( None ) |
---|
None |
Fix Text (F-26379r1_fix) |
---|
Revoke unauthorized access to system tables and data. From SQL*Plus: revoke [object privilege] on [system object name] from [account name or role]; |