Details

Protections and privileges are designed within the database to correspond to access via authorized software. Use of unauthorized software to access the database could indicate an attempt to bypass established permissions. Reviewing the use of application software to the database can lead to discovery of unauthorized access attempts.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Modify auditing to ensure audit records include identification of applications used to access the DBMS.

Ensure auditing captures the name [or unique identifier] of applications accessing the DBMS at a minimum.

Develop or procure a 3rd-party solution where native DBMS logging is not employed or does not capture required information.

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Windows.

References

• 800-53|AU-12c.
• CAT|II
• Rule-ID|SV-24626r1_rule
• STIG-ID|DG0052-ORACLE11
• Vuln-ID|V-3807

Source

• Tenable.com/audits