An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Open sidebar
Navigate
Top
Search
Checks (
136
)
Print
Changes
Pages (
8/10
)
Oracle Database 12c STIG
Oracle Database 12c Security Technical Implementation Guide
v3 r3 (Released Jan. 30, 2025)
v3 r2 (Released Oct. 24, 2024)
v3 r1 (Released July 24, 2024)
v2 r9 (Released Jan. 24, 2024)
v2 r8 (Released July 26, 2023)
v2 r7 (Released April 27, 2023)
v2 r6 (Released Jan. 26, 2023)
v2 r5 (Released July 27, 2022)
v2 r4 (Released April 27, 2022)
v2 r3 (Released Jan. 27, 2022)
v2 r2 (Released Oct. 27, 2021)
v2 r1 (Released April 23, 2021)
v1 r18 (Released July 24, 2020)
v1 r17 (Released April 24, 2020)
v1 r16 (Released Jan. 24, 2020)
v1 r15 (Released Oct. 25, 2019)
v1 r14 (Released Aug. 23, 2019)
v1 r13 (Released July 26, 2019)
v1 r12 (Released Jan. 25, 2019)
v1 r11 (Released Oct. 26, 2018)
v1 r10 (Released April 27, 2018)
v1 r9 (Released Jan. 26, 2018)
v1 r8 (Released July 28, 2017)
v1 r7 (Released April 28, 2017)
v1 r6 (Released Jan. 27, 2017)
ID
Vuln ID
Title
Cat
Status
O121-C2-015300
V-220291
The DBMS, when utilizing PKI-based authentication, must validate certificates by constructing a certification path with status information to an accepted trust anchor.
Cat II
O121-C2-015501
V-220293
Oracle Database must map the PKI-authenticated identity to an associated user account.
Cat II
O121-C2-015700
V-220294
The DBMS must use NIST-validated FIPS 140-2 or 140-3 compliant cryptography for authentication mechanisms.
Cat I
O121-C2-016500
V-237738
The DBMS must terminate the network connection associated with a communications session at the end of the session or 15 minutes of inactivity.
Cat II
O121-C2-016600
V-237739
The DBMS must implement required cryptographic protections using cryptographic modules complying with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
Cat I
O121-C2-016700
V-237740
Database data files containing sensitive information must be encrypted.
Cat II
O121-C2-017600
V-220295
The DBMS must terminate user sessions upon user logoff or any other organization or policy-defined session termination events, such as idle time limit exceeded.
Cat II
O121-C2-018200
V-220296
The DBMS must preserve any organization-defined system state information in the event of a system failure.
Cat II
O121-C2-018300
V-220297
The DBMS must take needed steps to protect data at rest and ensure confidentiality and integrity of application data.
Cat I
O121-C2-018500
V-220298
The DBMS must isolate security functions from nonsecurity functions by means of separate security domains.
Cat II
O121-C2-018600
V-237741
The DBMS must automatically terminate emergency accounts after an organization-defined time period for each type of account.
Cat II
O121-C2-018900
V-220299
The DBMS must prevent unauthorized and unintended information transfer via shared system resources.
Cat II
O121-C2-019100
V-237742
The DBMS must protect against or limit the effects of organization-defined types of Denial of Service (DoS) attacks.
Cat II
O121-C2-019500
V-220300
The DBMS must check the validity of data inputs.
Cat II
O121-C2-019600
V-237743
The system must verify there have not been unauthorized changes to the DBMS software and information.
Cat II
Prev
1...
4
5
6
7
8
9
10
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.