An error occurred:

Oracle Database 11.2g STIG Version Comparison

Oracle Database 11.2g Security Technical Implementation Guide

Comparison

There are 1 differences between versions v2 r3 (Jan. 27, 2022) (the "left" version) and v2 r5 (July 24, 2024) (the "right" version).

Check O112-BP-024750 was changed between these two versions. Green, underlined text was added, red, struck-out text was removed.

The regular view of the left check and right check may be easier to read.

Text Differences

Title

Oracle database products must be a version supported by the vendor.

Check Content

Review the system documentation and interview the database administrator. Identify all database software components. Review the version and release information. From SQL*Plus: Select version from v$instance; Access v$instance; Oracle Database the vendor website or use other means to verify the version 11.2 is still supported. Oracle Release schedule: https://support.oracle.com/knowledge/Oracle%20Database%20Products/742060_1.html If the Oracle version or any of the software components are not no longer supported by the vendor, vendor. If the system is running Oracle Database version 11.2, this is a finding.

Discussion

Unsupported commercial and database systems should not be used because fixes to newly identified bugs will not be implemented by the vendor. The lack of support can result in potential vulnerabilities. Systems at unsupported servicing levels or releases will not receive security updates for new vulnerabilities, which leaves them subject to exploitation. When maintenance updates and patches are no longer available, the database software is no longer considered supported and should be upgraded or decommissioned.

Fix

Remove or decommission all unsupported software products. Upgrade unsupported DBMS or unsupported components to a supported version of the product. Oracle recommends the following upgrade options: For product product. longevity and patching, Oracle strongly recommends upgrading to19c which is the Long-Term Release with a support end date of April 30, 2027 (or April 30, 2024 if you choose not to pay Extended Support fees or purchase a ULA). If currently running 11.2.x, upgrade to the terminal release (11.2.0.4) for the DB Release you are running and then continue the upgrade process by upgrading to the 19c.