An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Open sidebar
Navigate
Top
Search
Checks (
136
)
Print
Changes
Pages (
4/10
)
Oracle Database 12c STIG
Oracle Database 12c Security Technical Implementation Guide
v3 r3 (Released Jan. 30, 2025)
v3 r2 (Released Oct. 24, 2024)
v3 r1 (Released July 24, 2024)
v2 r9 (Released Jan. 24, 2024)
v2 r8 (Released July 26, 2023)
v2 r7 (Released April 27, 2023)
v2 r6 (Released Jan. 26, 2023)
v2 r5 (Released July 27, 2022)
v2 r4 (Released April 27, 2022)
v2 r3 (Released Jan. 27, 2022)
v2 r2 (Released Oct. 27, 2021)
v2 r1 (Released April 23, 2021)
v1 r18 (Released July 24, 2020)
v1 r17 (Released April 24, 2020)
v1 r16 (Released Jan. 24, 2020)
v1 r15 (Released Oct. 25, 2019)
v1 r14 (Released Aug. 23, 2019)
v1 r13 (Released July 26, 2019)
v1 r12 (Released Jan. 25, 2019)
v1 r11 (Released Oct. 26, 2018)
v1 r10 (Released April 27, 2018)
v1 r9 (Released Jan. 26, 2018)
v1 r8 (Released July 28, 2017)
v1 r7 (Released April 28, 2017)
v1 r6 (Released Jan. 27, 2017)
ID
Vuln ID
Title
Cat
Status
O121-C2-001700
V-237700
The DBMS must support the disabling of network protocols deemed by the organization to be nonsecure.
Cat II
O121-C2-001800
V-220265
The system must employ automated mechanisms for supporting Oracle user account management.
Cat I
O121-C2-001900
V-237701
The DBMS must provide a mechanism to automatically identify accounts designated as temporary or emergency accounts.
Cat II
O121-C2-002000
V-237702
The DBMS must provide a mechanism to automatically remove or disable temporary user accounts after 72 hours.
Cat II
O121-C2-002700
V-220266
The DBMS must enforce approved authorizations for logical access to the system in accordance with applicable policy.
Cat I
O121-C2-003000
V-237703
The DBMS must enforce Discretionary Access Control (DAC) policy allowing users to specify and control sharing by named individuals, groups of individuals, or by both, limiting propagation of access rights and including or excluding access to the granularity of a single user.
Cat II
O121-C2-003600
V-237705
A single database connection configuration file must not be used to configure all database clients.
Cat II
O121-C2-003700
V-237706
The DBMS must be protected from unauthorized access by developers.
Cat II
O121-C2-003800
V-237707
The DBMS must be protected from unauthorized access by developers on shared production/development host systems.
Cat II
O121-C2-003900
V-237708
The DBMS must restrict access to system tables and other configuration information or metadata to DBAs or other authorized users.
Cat II
O121-C2-004000
V-237709
Administrative privileges must be assigned to database accounts via database roles.
Cat II
O121-C2-004100
V-237710
Administrators must utilize a separate, distinct administrative account when performing administrative activities, accessing database security functions, or accessing security-relevant information.
Cat II
O121-C2-004400
V-237712
OS accounts utilized to run external procedures called by the DBMS must have limited privileges.
Cat II
O121-C2-004900
V-237713
The DBMS must verify account lockouts persist until reset by an administrator.
Cat II
O121-C2-005000
V-237714
The DBMS must set the maximum number of consecutive invalid logon attempts to three.
Cat II
Prev
1
2
3
4
5
6
7
8
...10
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.