Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-3438 | DO0340-ORACLE10 | SV-24530r1_rule | DCFA-1 | Medium |
Description |
---|
Application administration roles, which are assigned system or elevated application object privileges, should be protected from default activation. Application administration roles are determined by system privilege assignment (create / alter / drop user) and application user role ADMIN OPTION privileges. |
STIG | Date |
---|---|
Oracle 10 Database Instance STIG | 2014-01-14 |
Check Text ( None ) |
---|
None |
Fix Text (F-26512r1_fix) |
---|
For each role assignment returned, issue: From SQL*Plus: alter user [username] default role all except [role]; If the user has more than one application administration role assigned, then you will have to remove assigned roles from default assignment and assign individually the appropriate default roles. |