Documentation - V-270548

V-270548

Oracle Database 19c Security Technical Implementation Guide

CAT II

Title

Oracle Database must be protected from unauthorized access by developers on shared production/development host systems.

Description

<VulnDiscussion>Applications employ the concept of least privilege for specific duties and information systems (including specific functions, ports, protocols, and services). The concept of least privilege is also applied to information system processes, ensuring that the processes operate at privilege levels no higher than necessary to accomplish required organizational missions and/or functions. Organizations consider the creation of additional processes, roles, and information system accounts...

Fix Text (Documentation Requirement)

Restrict developer privileges to production objects to only objects and data where those privileges are required and authorized. Document the approval and risk acceptance. Consider using separate accounts for a person's developer duties and production duties. At a minimum, use separate roles for developer privileges and production privileges. If developers need the ability to create and maintain tables (or other database objects) as part of their development activities, provide dedicated tablespaces, and revoke any rights that allowed them to use production tablespaces for this purpose.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel