Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
DBMS privileges to restore database data or other DBMS configurations, features or objects should be restricted to authorized DBMS accounts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15107 | DG0063-ORACLE11 | SV-24635r1_rule | ECLP-1 | Medium |
| Description |
|---|
| Unauthorized restoration of database data, objects, or other configuration or features can result in a loss of data integrity, unauthorized configuration, or other DBMS interruption or compromise. |
| STIG | Date |
|---|---|
| Oracle Database 11g Installation STIG | 2014-04-02 |
Details
| Check Text ( C-24212r1_chk ) |
|---|
| Review DBMS accounts with elevated permissions (accounts granted ROLE permissions, DBA accounts, SCHEMA accounts, etc.). If any accounts are not documented and authorized for RESTORE permissions, this is a Finding. |
| Fix Text (F-20422r1_fix) |
|---|
| Utilize DBMS roles that are authorized for database restore functions. Restrict assignment of restore privileges. Assign DBMS restoration roles only to authorized DBMS accounts. Document assignments in the System Security Plan. |