Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-61425 | O121-BP-021900 | SV-75915r1_rule | High |
Description |
---|
Setting this value to TRUE allows operating system authentication over an unsecured connection. Trusting remote operating systems can allow a user to impersonate another operating system user and connect to the database without having to supply a password. If REMOTE_OS_AUTHENT is set to true, the only information a remote user needs to connect to the database is the name of any user whose account is setup to be authenticated by the operating system. |
STIG | Date |
---|---|
Oracle Database 12c Security Technical Implementation Guide | 2018-01-03 |
Check Text ( C-62315r1_chk ) |
---|
From SQL*Plus: select value from v$parameter where name = 'remote_os_authent'; If the value returned does not equal FALSE, this is a finding. |
Fix Text (F-67341r1_fix) |
---|
Document remote OS authentication in the System Security Plan. If not required or not mitigated to an acceptable level, disable remote OS authentication. From SQL*Plus: alter system set remote_os_authent = FALSE scope = spfile; The above SQL*Plus command will set the parameter to take effect at next system startup. |