Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6767 | DG0007-ORACLE11 | SV-25032r1_rule | DCCS-1 DCCS-2 | Medium |
Description |
---|
DBMS systems that do not follow DoD security guidance are vulnerable to related published vulnerabilities. A DoD reference document such as a security technical implementation guide or security recommendation guide constitutes the primary source for security configuration or implementation guidance for the deployment of newly acquired IA- and IA-enabled IT products that require use of the product's IA capabilities. |
STIG | Date |
---|---|
Oracle 11 Database Installation STIG | 2014-01-14 |
Check Text ( C-1048r1_chk ) |
---|
Review security and administration documentation maintained for the DBMS system for indications that DoD security guidance has been applied to the DBMS system. If the DBMS system has not been secured using available DoD security guidance, this is a Finding. |
Fix Text (F-17962r1_fix) |
---|
Apply available DoD security guidance to the DBMS system. If DoD security guidance is not available, the system owner works with DISA or NSA to draft configuration guidance for inclusion in a departmental reference guide. |