An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Open sidebar
Navigate
Top
Search
Checks (
136
)
Print
Changes
Pages (
2/10
)
Oracle Database 12c STIG
Oracle Database 12c Security Technical Implementation Guide
v3 r3 (Released Jan. 30, 2025)
v3 r2 (Released Oct. 24, 2024)
v3 r1 (Released July 24, 2024)
v2 r9 (Released Jan. 24, 2024)
v2 r8 (Released July 26, 2023)
v2 r7 (Released April 27, 2023)
v2 r6 (Released Jan. 26, 2023)
v2 r5 (Released July 27, 2022)
v2 r4 (Released April 27, 2022)
v2 r3 (Released Jan. 27, 2022)
v2 r2 (Released Oct. 27, 2021)
v2 r1 (Released April 23, 2021)
v1 r18 (Released July 24, 2020)
v1 r17 (Released April 24, 2020)
v1 r16 (Released Jan. 24, 2020)
v1 r15 (Released Oct. 25, 2019)
v1 r14 (Released Aug. 23, 2019)
v1 r13 (Released July 26, 2019)
v1 r12 (Released Jan. 25, 2019)
v1 r11 (Released Oct. 26, 2018)
v1 r10 (Released April 27, 2018)
v1 r9 (Released Jan. 26, 2018)
v1 r8 (Released July 28, 2017)
v1 r7 (Released April 28, 2017)
v1 r6 (Released Jan. 27, 2017)
ID
Vuln ID
Title
Cat
Status
O121-BP-022800
V-219839
Application role permissions must not be assigned to the Oracle PUBLIC role.
Cat II
O121-BP-022900
V-219840
Oracle application administration roles must be disabled if not required and authorized.
Cat II
O121-BP-023000
V-219841
Connections by mid-tier web and application systems to the Oracle DBMS from a DMZ or external network must be encrypted.
Cat II
O121-BP-023100
V-219842
Database job/batch queues must be reviewed regularly to detect unauthorized database job submissions.
Cat II
O121-BP-023200
V-219843
Unauthorized database links must not be defined and active.
Cat II
O121-BP-023300
V-219844
Sensitive information from production database exports must be modified before import to a development database.
Cat II
O121-BP-023600
V-219847
Only authorized system accounts must have the SYSTEM tablespace specified as the default tablespace.
Cat II
O121-BP-023700
V-219848
Application owner accounts must have a dedicated application tablespace.
Cat II
O121-BP-023800
V-219849
The directories assigned to the LOG_ARCHIVE_DEST* parameters must be protected from unauthorized access.
Cat II
O121-BP-023900
V-219850
The Oracle _TRACE_FILES_PUBLIC parameter if present must be set to FALSE.
Cat II
O121-BP-024100
V-219852
DBMS production application and data directories must be protected from developers on shared production/development DBMS host systems.
Cat II
O121-BP-024200
V-219853
Use of the DBMS installation account must be logged.
Cat II
O121-BP-024750
V-265879
Oracle database products must be a version supported by the vendor.
Cat I
O121-BP-025100
V-219861
The DBMS data files, transaction logs and audit files must be stored in dedicated directories or disk partitions separate from software or other application files.
Cat II
O121-BP-025101
V-219862
The directory assigned to the AUDIT_FILE_DEST parameter must be protected from unauthorized access and must be stored in a dedicated directory or disk partition separate from software or other application files.
Cat II
Prev
1
2
3
4
5
6
...10
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.