Date of Data Collection | Date of Report | Reporter Version |
---|---|---|
Mon Feb 26 2018 09:27:00 | Mon Feb 26 2018 09:29:30 | 2.0.1 (December 2017) - d526 |
Name | Platform | Database Role | Log Mode | Created |
---|---|---|---|---|
TVDNCDB | Linux x86 64-bit | PRIMARY | ARCHIVELOG | Fri Mar 10 2017 12:08:00 |
Section | Pass | Evaluate | Advisory | Low Risk | Medium Risk | High Risk | Total Findings |
---|---|---|---|---|---|---|---|
Basic Information | 0 | 0 | 0 | 0 | 0 | 1 | 1 |
User Accounts | 5 | 0 | 0 | 3 | 3 | 1 | 12 |
Privileges and Roles | 4 | 15 | 0 | 0 | 0 | 0 | 19 |
Authorization Control | 0 | 0 | 2 | 0 | 0 | 0 | 2 |
Data Encryption | 0 | 1 | 1 | 0 | 0 | 0 | 2 |
Fine-Grained Access Control | 0 | 0 | 5 | 0 | 0 | 0 | 5 |
Auditing | 3 | 4 | 2 | 0 | 3 | 0 | 12 |
Database Configuration | 6 | 4 | 0 | 2 | 0 | 1 | 13 |
Network Configuration | 1 | 0 | 0 | 1 | 3 | 0 | 5 |
Operating System | 2 | 1 | 0 | 1 | 1 | 0 | 5 |
Total | 21 | 25 | 10 | 7 | 10 | 3 | 76 |
Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production |
Security options used: (none) |
Feature | Currently Used |
---|---|
AUTHORIZATION CONTROL | |
Database Vault | No |
Privilege Analysis | No |
DATA ENCRYPTION | |
Column Encryption | No |
Tablespace Encryption | No |
Network Encryption | No |
FINE-GRAINED ACCESS CONTROL | |
Data Redaction | No |
Virtual Private Database | No |
Real Application Security | No |
Label Security | No |
Transparent Sensitive Data Protection | No |
AUDITING | |
Traditional Audit | No |
Fine Grained Audit | No |
Unified Audit | Yes |
USER AUTHENTICATION | |
External Authentication | No |
Global Authentication | No |
INFO.PATCH | CIS | ||
Status | High Risk | ||
Summary | Latest comprehensive patch not found. | ||
Details | Latest comprehensive patch: Oct 17 2017 (132 days ago) Latest interim patch: Sep 29 2017 (150 days ago) Binary Patch Inventory: Patch ID: 21594114 (created September 2017) Patch ID (Comprehensive): 21632407 (created October 2017) SQL Patch History: Action time: Sun Oct 22 2017 19:54:00 Action: APPLY Version: 12.2.0.1 Bundle series: DBRU Description: DATABASE RELEASE UPDATE 12.2.0.1.171017 Action time: Sun Oct 22 2017 19:53:00 Action: APPLY Version: 12.2.0.1 Bundle series: Description: OJVM RELEASE UPDATE: 12.2.0.1.171017 (26635944) Action time: Sun Oct 22 2017 19:53:00 Action: ROLLBACK Version: 12.2.0.1 Bundle series: DBBP Description: DATABASE BUNDLE PATCH 12.2.0.1.170620 Action time: Sun Oct 22 2017 19:53:00 Action: ROLLBACK Version: 12.2.0.1 Bundle series: Description: OJVM RELEASE UPDATE: 12.2.0.1.170718 (25811364) Action time: Tue Jul 18 2017 20:32:00 Action: APPLY Version: 12.2.0.1 Bundle series: DBRU Description: DATABASE RELEASE UPDATE 12.2.0.1.170718 Action time: Tue Jul 18 2017 20:32:00 Action: APPLY Version: 12.2.0.1 Bundle series: Description: OJVM RELEASE UPDATE: 12.2.0.1.170718 (25811364) Action time: Tue Jul 18 2017 20:32:00 Action: ROLLBACK Version: 12.2.0.1 Bundle series: DBBP Description: DATABASE BUNDLE PATCH 12.2.0.1.170620 Action time: Thu Jun 22 2017 13:15:00 Action: APPLY Version: 12.2.0.1 Bundle series: DBBP Description: DATABASE BUNDLE PATCH 12.2.0.1.170620 Action time: Sun May 21 2017 13:47:00 Action: APPLY Version: 12.2.0.1 Bundle series: DBBP Description: DATABASE BUNDLE PATCH 12.2.0.1.170516 | ||
Remarks | It is vital to keep the database software up-to-date with security fixes as they are released. Oracle issues comprehensive patches in the form of Release Updates, Patch Set Updates, and Bundle Patches on a regular quarterly schedule. These updates should be applied as soon as they are available. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 1.1 |
User Name | Status | Profile | Tablespace | Predefined | Type |
---|---|---|---|---|---|
ANONYMOUS | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
APPQOSSYS | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
AUDSYS | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
BI | OPEN | DEFAULT | EXAMPLE | No | PASSWORD |
CTXSYS | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
DBSFWUSER | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
DBSNMP | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
DIP | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
GGSYS | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
GSMADMIN_INTERNAL | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
GSMCATUSER | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
GSMUSER | EXPIRED & LOCKED | GSM_PROF | USERS | Yes | PASSWORD |
HR | OPEN | DEFAULT | EXAMPLE | Yes | PASSWORD |
IX | OPEN | DEFAULT | EXAMPLE | Yes | PASSWORD |
MDDATA | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
MDSYS | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
O12TEST | OPEN | DEFAULT | USERS | No | PASSWORD |
OE | OPEN | DEFAULT | EXAMPLE | Yes | PASSWORD |
OJVMSYS | EXPIRED & LOCKED | DEFAULT | SYSTEM | Yes | PASSWORD |
OLAPSYS | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
ORACLE_OCM | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
ORDDATA | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
ORDPLUGINS | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
ORDSYS | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
OUTLN | EXPIRED & LOCKED | DEFAULT | SYSTEM | Yes | PASSWORD |
PM | OPEN | DEFAULT | EXAMPLE | Yes | PASSWORD |
REMOTE_SCHEDULER_AGENT | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
SCOTT | OPEN | DEFAULT | USERS | Yes | PASSWORD |
SH | OPEN | DEFAULT | EXAMPLE | Yes | PASSWORD |
SI_INFORMTN_SCHEMA | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
SPATIAL_CSW_ADMIN_USR | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
SYS | LOCKED | DEFAULT | SYSTEM | Yes | PASSWORD |
SYS$UMF | EXPIRED & LOCKED | DEFAULT | SYSTEM | Yes | PASSWORD |
SYSBACKUP | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
SYSDG | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
SYSKM | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
SYSRAC | EXPIRED & LOCKED | DEFAULT | USERS | Yes | PASSWORD |
SYSTEM | OPEN | DEFAULT | SYSTEM | Yes | PASSWORD |
TEST2 | LOCKED | DEFAULT | USERS | No | PASSWORD |
WMSYS | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
XDB | EXPIRED & LOCKED | DEFAULT | SYSAUX | Yes | PASSWORD |
USER.TBLSPACE | |||
Status | Pass | ||
Summary | No user uses SYSTEM or SYSAUX tablespace. | ||
Remarks | The SYSTEM and SYSAUX tablespaces are reserved for Oracle-supplied user accounts. To avoid a possible denial of service caused by exhausting these resources, regular user accounts should not use these tablespaces. Prior to Oracle Database 12.2, the SYSTEM tablespace cannot be encrypted, and this is another reason to avoid user schemas in this tablespace. |
USER.SAMPLE | CIS | ||
Status | Medium Risk | ||
Summary | Found 7 sample schemas. | ||
Details | Sample schemas: BI, HR, IX, OE, PM, SCOTT, SH | ||
Remarks | Sample schemas are well-known accounts provided by Oracle to serve as simple examples for developers. They generally serve no purpose in a production database and should be removed because they unnecessarily increase the attack surface of the database. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 1.3 |
USER.INACTIVE | |||
Status | Low Risk | ||
Summary | Found 9 unlocked users inactive for more than 30 days. | ||
Details | Inactive users: BI, HR, IX, O12TEST, OE, PM, SCOTT, SH, SYSTEM | ||
Remarks | If a user account is no longer in use, it increases the attack surface of the system unnecessarily while providing no corresponding benefit. Furthermore, unauthorized use is less likely to be noticed when no one is regularly using the account. Accounts that have been unused for more than 30 days should be investigated to determine whether they should remain active. |
USER.CASE | CIS | ||
Status | Pass | ||
Summary | Case-sensitive passwords are used. | ||
Details | SEC_CASE_SENSITIVE_LOGON=TRUE | ||
Remarks | Case-sensitive passwords are recommended because including both upper and lower-case letters greatly increases the set of possible passwords that must be searched by an attacker who is attempting to guess a password by exhaustive search. Setting SEC_CASE_SENSITIVE_LOGON to TRUE ensures that the database distinguishes between upper and lower-case letters in passwords. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.12 |
USER.EXPIRED | |||
Status | Pass | ||
Summary | No unlocked users with password expired for more than 30 days found. | ||
Remarks | Password expiration is used to ensure that users change their passwords on a regular basis. If a user's password has been expired for more than 30 days, it indicates that the user has not logged in for at least that long. Accounts that have been unused for an extended period of time should be investigated to determine whether they should remain active. |
USER.DEFPWD | CIS | ||
Status | High Risk | ||
Summary | Found 6 unlocked user accounts with default password. | ||
Details | Users with default password: HR, IX, OE, PM, SCOTT, SH | ||
Remarks | Default account passwords for predefined Oracle accounts are well known. Open accounts with default passwords provide a trivial means of entry for attackers, but well-known passwords should be changed for locked accounts as well. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 1.2 |
USER.AUTHVERS | |||
Status | Low Risk | ||
Summary | Minimum client version is not configured correctly. | ||
Details | SQLNET.ALLOWED_LOGON_VERSION_SERVER=10. Recommended value is 12a. | ||
Remarks | Over time, Oracle releases have added support for increasingly secure versions of the algorithm used for password authentication of user accounts. In order to remain compatible with older client software, the database continues to support previous password versions as well. The sqlnet.ora parameter ALLOWED_LOGON_VERSION_SERVER determines the minimum password version that the database will accept. For maximum security, this parameter should be set to the highest value supported by the database once all client systems have been upgraded. |
USER.VERIFIER | |||
Status | Medium Risk | ||
Summary | Found 2 user accounts requiring updated password verifiers. No user accounts have HTTP verifiers. | ||
Details | Database supports password versions up to 12C. Users requiring updated password verifiers: ANONYMOUS(), REMOTE_SCHEDULER_AGENT() Users with HTTP verifiers: (none) | ||
Remarks | For each user account, the database may store multiple verifiers, which are hashes of the user password. Each verifier supports a different version of the password authentication algorithm. Every user account should include a verifier for the latest password version supported by the database so that the user can be authenticated using the latest algorithm supported by the client. When all clients have been updated, the security of user accounts can be improved by removing the obsolete verifiers. HTTP password verifiers are used for XML Database authentication. Use the ALTER USER command to remove these verifiers from user accounts that do not require this access. |
USER.PARAM | CIS | ||
Status | Pass | ||
Summary | Examined 2 initialization parameters. No issues found. | ||
Details | SEC_MAX_FAILED_LOGIN_ATTEMPTS=3 RESOURCE_LIMIT=TRUE | ||
Remarks | SEC_MAX_FAILED_LOGIN_ATTEMPTS configures the maximum number of failed login attempts in a single session before the connection is closed. This is independent of the user profile parameter FAILED_LOGIN_ATTEMPTS, which controls locking the user account after multiple failed login attempts. RESOURCE_LIMIT should be set to TRUE to enable enforcement of any resource constraints set in user profiles. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.13, 2.2.19 |
Profile Name | Resource | Value |
---|---|---|
DEFAULT | (Number of Users) | 40 |
DEFAULT | CONNECT_TIME | UNLIMITED |
DEFAULT | FAILED_LOGIN_ATTEMPTS | 10 |
DEFAULT | IDLE_TIME | UNLIMITED |
DEFAULT | PASSWORD_GRACE_TIME | 7 |
DEFAULT | PASSWORD_LIFE_TIME | UNLIMITED |
DEFAULT | PASSWORD_LOCK_TIME | 1 |
DEFAULT | PASSWORD_REUSE_MAX | UNLIMITED |
DEFAULT | PASSWORD_REUSE_TIME | UNLIMITED |
DEFAULT | PASSWORD_VERIFY_FUNCTION | NULL |
GSM_PROF | (Number of Users) | 1 |
GSM_PROF | CONNECT_TIME | UNLIMITED (DEFAULT) |
GSM_PROF | FAILED_LOGIN_ATTEMPTS | 10000000 |
GSM_PROF | IDLE_TIME | UNLIMITED (DEFAULT) |
GSM_PROF | PASSWORD_GRACE_TIME | 7 (DEFAULT) |
GSM_PROF | PASSWORD_LIFE_TIME | UNLIMITED (DEFAULT) |
GSM_PROF | PASSWORD_LOCK_TIME | 1 (DEFAULT) |
GSM_PROF | PASSWORD_REUSE_MAX | UNLIMITED (DEFAULT) |
GSM_PROF | PASSWORD_REUSE_TIME | UNLIMITED (DEFAULT) |
GSM_PROF | PASSWORD_VERIFY_FUNCTION | NULL (DEFAULT) |
ORA_STIG_PROFILE | (Number of Users) | 0 |
ORA_STIG_PROFILE | CONNECT_TIME | UNLIMITED (DEFAULT) |
ORA_STIG_PROFILE | FAILED_LOGIN_ATTEMPTS | 3 |
ORA_STIG_PROFILE | IDLE_TIME | 15 |
ORA_STIG_PROFILE | PASSWORD_GRACE_TIME | 5 |
ORA_STIG_PROFILE | PASSWORD_LIFE_TIME | 60 |
ORA_STIG_PROFILE | PASSWORD_LOCK_TIME | UNLIMITED |
ORA_STIG_PROFILE | PASSWORD_REUSE_MAX | 10 |
ORA_STIG_PROFILE | PASSWORD_REUSE_TIME | 365 |
ORA_STIG_PROFILE | PASSWORD_VERIFY_FUNCTION | ORA12C_STIG_VERIFY_FUNCTION |
USER.NOEXPIRE | CIS | ||
Status | Low Risk | ||
Summary | Found 41 users with passwords that never expire. Found 41 users with no limits on password reuse. Found 41 users with no minimum time before password reuse. All users lock after password expiration. | ||
Details | PASSWORD_LIFE_TIME: Profiles with limited password lifetime: ORA_STIG_PROFILE(60) Profiles with unlimited password lifetime: DEFAULT, GSM_PROF Users with unlimited password lifetime: ANONYMOUS, APPQOSSYS, AUDSYS, BI, CTXSYS, DBSFWUSER, DBSNMP, DIP, GGSYS, GSMADMIN_INTERNAL, GSMCATUSER, GSMUSER, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OLAPSYS, ORACLE_OCM, ORDDATA, ORDPLUGINS, ORDSYS, OUTLN, PM, REMOTE_SCHEDULER_AGENT, SCOTT, SH, SI_INFORMTN_SCHEMA, SPATIAL_CSW_ADMIN_USR, SYS, SYS$UMF, SYSBACKUP, SYSDG, SYSKM, SYSRAC, SYSTEM, TEST2, WMSYS, XDB PASSWORD_REUSE_MAX: Profiles with limits on password reuse: ORA_STIG_PROFILE(10) Profiles without limits on password reuse: DEFAULT, GSM_PROF Users without limits on password reuse: ANONYMOUS, APPQOSSYS, AUDSYS, BI, CTXSYS, DBSFWUSER, DBSNMP, DIP, GGSYS, GSMADMIN_INTERNAL, GSMCATUSER, GSMUSER, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OLAPSYS, ORACLE_OCM, ORDDATA, ORDPLUGINS, ORDSYS, OUTLN, PM, REMOTE_SCHEDULER_AGENT, SCOTT, SH, SI_INFORMTN_SCHEMA, SPATIAL_CSW_ADMIN_USR, SYS, SYS$UMF, SYSBACKUP, SYSDG, SYSKM, SYSRAC, SYSTEM, TEST2, WMSYS, XDB PASSWORD_REUSE_TIME: Profiles with minimum time before password reuse: ORA_STIG_PROFILE(365) Profiles without minimum time before password reuse: DEFAULT, GSM_PROF Users without minimum time before password reuse: ANONYMOUS, APPQOSSYS, AUDSYS, BI, CTXSYS, DBSFWUSER, DBSNMP, DIP, GGSYS, GSMADMIN_INTERNAL, GSMCATUSER, GSMUSER, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OLAPSYS, ORACLE_OCM, ORDDATA, ORDPLUGINS, ORDSYS, OUTLN, PM, REMOTE_SCHEDULER_AGENT, SCOTT, SH, SI_INFORMTN_SCHEMA, SPATIAL_CSW_ADMIN_USR, SYS, SYS$UMF, SYSBACKUP, SYSDG, SYSKM, SYSRAC, SYSTEM, TEST2, WMSYS, XDB PASSWORD_GRACE_TIME: Profiles with locking after password expiration: DEFAULT(7), GSM_PROF(7), ORA_STIG_PROFILE(5) Profiles without locking after password expiration: (none) Users without locking after password expiration: (none) | ||
Remarks | Password expiration is used to ensure that users change their passwords on a regular basis. Passwords that never expire may remain unchanged for an extended period of time. When passwords do not have to be changed regularly, users are also more likely to use the same passwords for multiple accounts. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 3.3, 3.4, 3.5, 3.6 |
USER.NOLOCK | CIS | ||
Status | Pass | ||
Summary | No users have unlimited failed login attempts. All users have minimum lock time. | ||
Details | FAILED_LOGIN_ATTEMPTS: Profiles with limited failed login attempts: DEFAULT(10), GSM_PROF(10000000), ORA_STIG_PROFILE(3) Profiles with unlimited failed login attempts: (none) Users with unlimited failed login attempts: (none) PASSWORD_LOCK_TIME: Profiles with minimum lock time: DEFAULT(1), GSM_PROF(1) Profiles without minimum lock time: ORA_STIG_PROFILE Users without minimum lock time: (none) | ||
Remarks | Attackers sometimes attempt to guess a user's password by simply trying all possibilities from a set of common passwords. To defend against this attack, it is advisable to use the FAILED_LOGIN_ATTEMPTS and PASSWORD_LOCK_TIME profile resources to lock user accounts for a specified time when there are multiple failed login attempts without a successful login. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 3.1, 3.2 |
USER.PASSWD | CIS | ||
Status | Medium Risk | ||
Summary | Found 41 users not using password verification function. | ||
Details | Profiles with password verification function: ORA_STIG_PROFILE(ORA12C_STIG_VERIFY_FUNCTION) Profiles without password verification function: DEFAULT, GSM_PROF Users without password verification function: ANONYMOUS, APPQOSSYS, AUDSYS, BI, CTXSYS, DBSFWUSER, DBSNMP, DIP, GGSYS, GSMADMIN_INTERNAL, GSMCATUSER, GSMUSER, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OLAPSYS, ORACLE_OCM, ORDDATA, ORDPLUGINS, ORDSYS, OUTLN, PM, REMOTE_SCHEDULER_AGENT, SCOTT, SH, SI_INFORMTN_SCHEMA, SPATIAL_CSW_ADMIN_USR, SYS, SYS$UMF, SYSBACKUP, SYSDG, SYSKM, SYSRAC, SYSTEM, TEST2, WMSYS, XDB | ||
Remarks | Password verification functions are used to ensure that user passwords meet minimum requirements for complexity, which may include factors such as length, use of numbers or punctuation characters, difference from previous passwords, etc. Oracle supplies several predefined functions, or a custom PL/SQL function can be used. Every user profile should include a password verification function. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 3.8 |
PRIV.SYSTEM | CIS | ||
Status | Evaluate | ||
Summary | 971 grants of system privileges (48 with admin option). | ||
Details | Users directly or indirectly granted each system privilege: ADMINISTER ANY SQL TUNING SET: O12TEST, SYSTEM ADMINISTER DATABASE TRIGGER: GSMADMIN_INTERNAL, MDSYS, O12TEST, SYSTEM, WMSYS ADMINISTER KEY MANAGEMENT: SYSKM(*) ADMINISTER RESOURCE MANAGER: APPQOSSYS, GSMADMIN_INTERNAL, O12TEST, SYSTEM ADMINISTER SQL MANAGEMENT OBJECT: GSMADMIN_INTERNAL, O12TEST, SYSTEM ADMINISTER SQL TUNING SET: O12TEST, SYSTEM ADVISOR: DBSNMP, O12TEST, SYSTEM ALTER ANY ANALYTIC VIEW: O12TEST, SYSTEM ALTER ANY ASSEMBLY: O12TEST, SYSTEM ALTER ANY ATTRIBUTE DIMENSION: O12TEST, SYSTEM ALTER ANY CLUSTER: O12TEST, SYSTEM ALTER ANY CUBE: O12TEST, SYSTEM ALTER ANY CUBE BUILD PROCESS: O12TEST, SYSTEM ALTER ANY CUBE DIMENSION: O12TEST, SYSTEM ALTER ANY DIMENSION: O12TEST, SYSTEM ALTER ANY EDITION: O12TEST, SYSTEM ALTER ANY EVALUATION CONTEXT: O12TEST, SYSTEM ALTER ANY HIERARCHY: O12TEST, SYSTEM ALTER ANY INDEX: GGSYS, GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM, WMSYS ALTER ANY INDEXTYPE: O12TEST, SYSTEM ALTER ANY LIBRARY: O12TEST, SYSTEM ALTER ANY MATERIALIZED VIEW: GSMUSER, O12TEST, SYSTEM ALTER ANY MEASURE FOLDER: O12TEST, SYSTEM ALTER ANY MINING MODEL: O12TEST, SYSTEM ALTER ANY OPERATOR: O12TEST, SYSTEM ALTER ANY OUTLINE: O12TEST, SYSTEM ALTER ANY PROCEDURE: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM, WMSYS ALTER ANY ROLE: O12TEST, SPATIAL_CSW_ADMIN_USR, SYSTEM ALTER ANY RULE: O12TEST, SYSTEM ALTER ANY RULE SET: O12TEST, SYSTEM ALTER ANY SEQUENCE: GSMUSER, O12TEST, SYSTEM, WMSYS ALTER ANY SQL PROFILE: O12TEST, SYSTEM ALTER ANY SQL TRANSLATION PROFILE: O12TEST, SYSTEM ALTER ANY TABLE: GGSYS, GSMADMIN_INTERNAL, GSMUSER, MDSYS, O12TEST, SYSTEM, WMSYS ALTER ANY TRIGGER: GSMADMIN_INTERNAL, O12TEST, SYSTEM, WMSYS ALTER ANY TYPE: GSMADMIN_INTERNAL, O12TEST, SYSTEM ALTER DATABASE: GSMADMIN_INTERNAL, O12TEST, SYSBACKUP, SYSDG, SYSRAC, SYSTEM ALTER LOCKDOWN PROFILE: O12TEST, SYSTEM ALTER PROFILE: GSMADMIN_INTERNAL, O12TEST, SYSTEM ALTER RESOURCE COST: GSMADMIN_INTERNAL, O12TEST, SYSTEM ALTER ROLLBACK SEGMENT: O12TEST, SYSTEM ALTER SESSION: APPQOSSYS, BI, CTXSYS, GSMADMIN_INTERNAL, GSMCATUSER, HR, IX, O12TEST, SH, SYSBACKUP, SYSDG, SYSRAC, SYSTEM, WMSYS, XDB ALTER SYSTEM: GSMADMIN_INTERNAL, GSMCATUSER, O12TEST, SYSBACKUP, SYSDG, SYSRAC, SYSTEM ALTER TABLESPACE: GSMADMIN_INTERNAL, O12TEST, SYSBACKUP, SYSTEM ALTER USER: GSMADMIN_INTERNAL, O12TEST, SYSTEM, WMSYS ANALYZE ANY: DBSNMP, GSMADMIN_INTERNAL, O12TEST, SYSTEM ANALYZE ANY DICTIONARY: DBSNMP, O12TEST, SYSTEM AUDIT ANY: GSMADMIN_INTERNAL, O12TEST, SYSBACKUP, SYSTEM AUDIT SYSTEM: GSMADMIN_INTERNAL, O12TEST, SYSTEM BACKUP ANY TABLE: GSMADMIN_INTERNAL, O12TEST, SYSTEM BECOME USER: GSMADMIN_INTERNAL, O12TEST, SYSTEM CHANGE NOTIFICATION: O12TEST, SYSTEM COMMENT ANY MINING MODEL: O12TEST, SYSTEM COMMENT ANY TABLE: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE ANALYTIC VIEW: O12TEST, SYSTEM CREATE ANY ANALYTIC VIEW: O12TEST, SYSTEM CREATE ANY ASSEMBLY: O12TEST, SYSTEM CREATE ANY ATTRIBUTE DIMENSION: O12TEST, SYSTEM CREATE ANY CLUSTER: GSMADMIN_INTERNAL, O12TEST, SYSBACKUP, SYSTEM CREATE ANY CONTEXT: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE ANY CREDENTIAL: GSMADMIN_INTERNAL, O12TEST(*), SYSTEM(*) CREATE ANY CUBE: O12TEST, OLAPSYS, SYSTEM CREATE ANY CUBE BUILD PROCESS: O12TEST, OLAPSYS, SYSTEM CREATE ANY CUBE DIMENSION: O12TEST, OLAPSYS, SYSTEM CREATE ANY DIMENSION: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE ANY DIRECTORY: GSMADMIN_INTERNAL, O12TEST, SPATIAL_CSW_ADMIN_USR, SYSBACKUP, SYSTEM CREATE ANY EDITION: O12TEST, SYSTEM CREATE ANY EVALUATION CONTEXT: O12TEST, SYSTEM CREATE ANY HIERARCHY: O12TEST, SYSTEM CREATE ANY INDEX: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM, WMSYS CREATE ANY INDEXTYPE: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE ANY JOB: GSMADMIN_INTERNAL, O12TEST(*), SYSTEM(*) CREATE ANY LIBRARY: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE ANY MATERIALIZED VIEW: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM CREATE ANY MEASURE FOLDER: O12TEST, OLAPSYS, SYSTEM CREATE ANY MINING MODEL: O12TEST, SYSTEM CREATE ANY OPERATOR: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE ANY OUTLINE: O12TEST, SYSTEM CREATE ANY PROCEDURE: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM, WMSYS CREATE ANY RULE: O12TEST, SYSTEM CREATE ANY RULE SET: O12TEST, SYSTEM CREATE ANY SEQUENCE: GSMADMIN_INTERNAL, GSMUSER, MDSYS, O12TEST, SYSTEM, WMSYS CREATE ANY SQL PROFILE: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE ANY SQL TRANSLATION PROFILE: O12TEST, SYSTEM CREATE ANY SYNONYM: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM CREATE ANY TABLE: GGSYS, GSMADMIN_INTERNAL, GSMUSER, O12TEST, OLAPSYS, SYSBACKUP, SYSTEM, WMSYS CREATE ANY TRIGGER: GSMADMIN_INTERNAL, MDSYS, O12TEST, SYSTEM, WMSYS CREATE ANY TYPE: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE ANY VIEW: GSMADMIN_INTERNAL, GSMUSER, O12TEST, OLAPSYS, SYSTEM, WMSYS CREATE ASSEMBLY: O12TEST, SYSTEM CREATE ATTRIBUTE DIMENSION: O12TEST, SYSTEM CREATE CLUSTER: BI, CTXSYS, GGSYS, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OUTLN, PM, SCOTT, SH, SPATIAL_CSW_ADMIN_USR, SYSTEM, XDB CREATE CREDENTIAL: O12TEST(*), SYSTEM(*) CREATE CUBE: O12TEST, SYSTEM CREATE CUBE BUILD PROCESS: O12TEST, SYSTEM CREATE CUBE DIMENSION: O12TEST, SYSTEM CREATE DATABASE LINK: BI, GGSYS, GSMADMIN_INTERNAL, HR, IX, O12TEST, OE, SH, SYSTEM CREATE DIMENSION: O12TEST, SH, SYSTEM CREATE EVALUATION CONTEXT: GSMCATUSER(*), IX(*), MDSYS(*), O12TEST, SYSRAC(*), SYSTEM(*) CREATE EXTERNAL JOB: GSMADMIN_INTERNAL, O12TEST(*), SYSTEM(*) CREATE HIERARCHY: O12TEST, SYSTEM CREATE INDEXTYPE: BI, CTXSYS, GGSYS, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OUTLN, PM, SCOTT, SH, SPATIAL_CSW_ADMIN_USR, SYSTEM, XDB CREATE JOB: CTXSYS, DBSNMP, GSMADMIN_INTERNAL, MDSYS, O12TEST(*), OLAPSYS, ORACLE_OCM, SYSTEM(*), XDB CREATE LIBRARY: GSMADMIN_INTERNAL, MDSYS, O12TEST, SPATIAL_CSW_ADMIN_USR, SYSTEM, XDB CREATE LOCKDOWN PROFILE: O12TEST, SYSTEM CREATE MATERIALIZED VIEW: O12TEST, OE, SH, SYSTEM CREATE MEASURE FOLDER: O12TEST, SYSTEM CREATE MINING MODEL: O12TEST, SYSTEM CREATE OPERATOR: BI, CTXSYS, GGSYS, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OUTLN, PM, SCOTT, SH, SPATIAL_CSW_ADMIN_USR, SYSTEM, XDB CREATE PLUGGABLE DATABASE: O12TEST, SYSTEM CREATE PROCEDURE: BI, CTXSYS, DBSNMP, GGSYS, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OUTLN, PM, SCOTT, SH, SPATIAL_CSW_ADMIN_USR, SYSTEM, XDB CREATE PROFILE: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE PUBLIC DATABASE LINK: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE PUBLIC SYNONYM: CTXSYS, GSMADMIN_INTERNAL, MDSYS, O12TEST, SYSTEM, XDB CREATE ROLE: GSMADMIN_INTERNAL, O12TEST, SPATIAL_CSW_ADMIN_USR, SYSTEM CREATE ROLLBACK SEGMENT: GSMADMIN_INTERNAL, O12TEST, SYSTEM CREATE RULE: GSMCATUSER(*), IX(*), MDSYS(*), O12TEST, SYSRAC(*), SYSTEM(*) CREATE RULE SET: GSMCATUSER(*), IX(*), MDSYS(*), O12TEST, SYSRAC(*), SYSTEM(*) CREATE SEQUENCE: BI, CTXSYS, GGSYS, GSMADMIN_INTERNAL, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OLAPSYS, OUTLN, PM, SCOTT, SH, SPATIAL_CSW_ADMIN_USR, SYSTEM, XDB CREATE SESSION: ANONYMOUS, APPQOSSYS, BI, CTXSYS, DBSFWUSER, DBSNMP, DIP, GGSYS, GSMADMIN_INTERNAL, GSMCATUSER, GSMUSER, HR, IX, MDDATA, MDSYS, O12TEST, OE, OUTLN, PM, SCOTT(*), SH, SPATIAL_CSW_ADMIN_USR, SYS$UMF, SYSTEM, XDB CREATE SQL TRANSLATION PROFILE: O12TEST, SYSTEM CREATE SYNONYM: BI, CTXSYS, HR, IX, O12TEST, OE, SH, SYSTEM CREATE TABLE: AUDSYS, BI, CTXSYS, DBSNMP, GGSYS, GSMADMIN_INTERNAL, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OUTLN, PM, SCOTT, SH, SPATIAL_CSW_ADMIN_USR, SYSTEM, XDB CREATE TABLESPACE: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM CREATE TRIGGER: BI, CTXSYS, GGSYS, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OUTLN, PM, SCOTT, SH, SPATIAL_CSW_ADMIN_USR, SYSTEM, XDB CREATE TYPE: BI, CTXSYS, GGSYS, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OUTLN, PM, SCOTT, SH, SPATIAL_CSW_ADMIN_USR, SYSTEM, XDB CREATE USER: GSMADMIN_INTERNAL, O12TEST, SYSTEM, WMSYS CREATE VIEW: BI, CTXSYS, HR, IX, MDSYS, O12TEST, OE, SCOTT, SH, SYSTEM, XDB DEBUG ANY PROCEDURE: O12TEST, SYSTEM DEBUG CONNECT ANY: O12TEST, SYSTEM DEBUG CONNECT SESSION: O12TEST, SYSTEM DELETE ANY CUBE DIMENSION: O12TEST, OLAPSYS, SYSTEM DELETE ANY MEASURE FOLDER: O12TEST, OLAPSYS, SYSTEM DELETE ANY TABLE: GSMADMIN_INTERNAL, MDSYS, O12TEST, OLAPSYS, SYSTEM, WMSYS DEQUEUE ANY QUEUE: GSMCATUSER(*), IX(*), MDSYS(*), O12TEST, SYSRAC(*), SYSTEM(*) DROP ANY ANALYTIC VIEW: O12TEST, SYSTEM DROP ANY ASSEMBLY: O12TEST, SYSTEM DROP ANY ATTRIBUTE DIMENSION: O12TEST, SYSTEM DROP ANY CLUSTER: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP ANY CONTEXT: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP ANY CUBE: O12TEST, OLAPSYS, SYSTEM DROP ANY CUBE BUILD PROCESS: O12TEST, OLAPSYS, SYSTEM DROP ANY CUBE DIMENSION: O12TEST, OLAPSYS, SYSTEM DROP ANY DIMENSION: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP ANY DIRECTORY: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP ANY EDITION: O12TEST, SYSTEM DROP ANY EVALUATION CONTEXT: O12TEST, SYSTEM DROP ANY HIERARCHY: O12TEST, SYSTEM DROP ANY INDEX: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM, WMSYS DROP ANY INDEXTYPE: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP ANY LIBRARY: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP ANY MATERIALIZED VIEW: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM DROP ANY MEASURE FOLDER: O12TEST, OLAPSYS, SYSTEM DROP ANY MINING MODEL: O12TEST, SYSTEM DROP ANY OPERATOR: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP ANY OUTLINE: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP ANY PROCEDURE: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM, WMSYS DROP ANY ROLE: GSMADMIN_INTERNAL, O12TEST, SPATIAL_CSW_ADMIN_USR, SYSTEM DROP ANY RULE: O12TEST, SYSTEM DROP ANY RULE SET: O12TEST, SYSTEM DROP ANY SEQUENCE: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM, WMSYS DROP ANY SQL PROFILE: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP ANY SQL TRANSLATION PROFILE: O12TEST, SYSTEM DROP ANY SYNONYM: GSMADMIN_INTERNAL, GSMUSER, O12TEST, SYSTEM DROP ANY TABLE: GSMADMIN_INTERNAL, GSMUSER, O12TEST, OLAPSYS, SYSTEM, WMSYS DROP ANY TRIGGER: GSMADMIN_INTERNAL, MDSYS, O12TEST, SYSTEM, WMSYS DROP ANY TYPE: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP ANY VIEW: GSMADMIN_INTERNAL, GSMUSER, O12TEST, OLAPSYS, SYSTEM, WMSYS DROP LOCKDOWN PROFILE: O12TEST, SYSTEM DROP PROFILE: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP PUBLIC DATABASE LINK: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP PUBLIC SYNONYM: CTXSYS, GSMADMIN_INTERNAL, MDSYS, O12TEST, SYSTEM, XDB DROP ROLLBACK SEGMENT: GSMADMIN_INTERNAL, O12TEST, SYSTEM DROP TABLESPACE: GSMADMIN_INTERNAL, O12TEST, SYSBACKUP, SYSTEM DROP USER: GSMADMIN_INTERNAL, O12TEST, SYSTEM, WMSYS EM EXPRESS CONNECT: O12TEST, SYSTEM ENQUEUE ANY QUEUE: GSMCATUSER(*), IX(*), MDSYS(*), O12TEST, SYSRAC(*), SYSTEM(*) EXECUTE ANY ASSEMBLY: O12TEST, SYSTEM EXECUTE ANY CLASS: O12TEST(*), SYSTEM(*) EXECUTE ANY EVALUATION CONTEXT: O12TEST, SYSTEM EXECUTE ANY INDEXTYPE: O12TEST, SYSTEM EXECUTE ANY LIBRARY: O12TEST, SYSTEM EXECUTE ANY OPERATOR: GSMADMIN_INTERNAL, O12TEST, SYSTEM EXECUTE ANY PROCEDURE: GSMADMIN_INTERNAL, O12TEST, OUTLN, SYSTEM, WMSYS EXECUTE ANY PROGRAM: O12TEST(*), SYSTEM(*) EXECUTE ANY RULE: O12TEST, SYSTEM EXECUTE ANY RULE SET: O12TEST, SYSTEM EXECUTE ANY TYPE: GSMADMIN_INTERNAL, O12TEST, SYSTEM, WMSYS EXECUTE ASSEMBLY: O12TEST, SYSTEM EXEMPT ACCESS POLICY: MDSYS EXEMPT DDL REDACTION POLICY: O12TEST, SYSTEM EXEMPT DML REDACTION POLICY: O12TEST, SYSTEM EXEMPT REDACTION POLICY: GSMADMIN_INTERNAL, O12TEST, SYSTEM EXPORT FULL DATABASE: O12TEST, SYSTEM FLASHBACK ANY TABLE: GSMADMIN_INTERNAL, MDSYS, O12TEST, SYSTEM FLASHBACK ARCHIVE ADMINISTER: O12TEST, SCOTT, SYSTEM FORCE ANY TRANSACTION: O12TEST, SYSTEM FORCE TRANSACTION: O12TEST, SYSTEM GLOBAL QUERY REWRITE: GSMADMIN_INTERNAL, O12TEST, SYSTEM GRANT ANY OBJECT PRIVILEGE: GSMADMIN_INTERNAL, O12TEST, SYSTEM GRANT ANY PRIVILEGE: GSMADMIN_INTERNAL, O12TEST, SYSTEM GRANT ANY ROLE: GSMADMIN_INTERNAL, O12TEST, SPATIAL_CSW_ADMIN_USR, SYSTEM IMPORT FULL DATABASE: O12TEST, SYSTEM INHERIT ANY PRIVILEGES: CTXSYS, DBSNMP, GSMADMIN_INTERNAL, MDSYS, ORACLE_OCM, ORDPLUGINS, ORDSYS, WMSYS, XDB INSERT ANY CUBE DIMENSION: O12TEST, OLAPSYS, SYSTEM INSERT ANY MEASURE FOLDER: O12TEST, OLAPSYS, SYSTEM INSERT ANY TABLE: GSMADMIN_INTERNAL, O12TEST, OLAPSYS, SYSTEM, WMSYS LOCK ANY TABLE: GSMADMIN_INTERNAL, O12TEST, SYSTEM, WMSYS LOGMINING: O12TEST, SYSTEM MANAGE ANY FILE GROUP: O12TEST, SYSTEM MANAGE ANY QUEUE: DBSNMP, GSMADMIN_INTERNAL, GSMCATUSER(*), IX(*), MDSYS(*), O12TEST, SYSRAC(*), SYSTEM(*) MANAGE FILE GROUP: O12TEST, SYSTEM MANAGE SCHEDULER: CTXSYS, GSMADMIN_INTERNAL, MDSYS, O12TEST(*), SYSTEM(*) MANAGE TABLESPACE: O12TEST, SYSTEM MERGE ANY VIEW: O12TEST, SYSTEM ON COMMIT REFRESH: O12TEST, SYSTEM QUERY REWRITE: O12TEST, OE, SH, SYSTEM, XDB READ ANY FILE GROUP: GSMADMIN_INTERNAL, O12TEST, SYSTEM READ ANY TABLE: O12TEST, SYSTEM REDEFINE ANY TABLE: O12TEST, SYSTEM RESTRICTED SESSION: O12TEST, SYSTEM RESUMABLE: GSMADMIN_INTERNAL, O12TEST, SYSBACKUP, SYSTEM SELECT ANY CUBE: O12TEST, OLAPSYS, SYSTEM SELECT ANY CUBE BUILD PROCESS: O12TEST, SYSTEM SELECT ANY CUBE DIMENSION: O12TEST, OLAPSYS, SYSTEM SELECT ANY DICTIONARY: DBSNMP, GGSYS, GSMADMIN_INTERNAL, IX, O12TEST, SCOTT, SYSBACKUP, SYSDG, SYSTEM, WMSYS SELECT ANY MEASURE FOLDER: O12TEST, SYSTEM SELECT ANY MINING MODEL: O12TEST, SYSTEM SELECT ANY SEQUENCE: GSMADMIN_INTERNAL, O12TEST, SYSTEM, WMSYS SELECT ANY TABLE: GGSYS, GSMADMIN_INTERNAL, MDSYS, O12TEST, OLAPSYS, SCOTT, SYSTEM, WMSYS SELECT ANY TRANSACTION: O12TEST, SYSBACKUP, SYSTEM SET CONTAINER: CTXSYS, DBSNMP, GGSYS, GSMCATUSER, GSMUSER, IX, MDDATA, MDSYS, O12TEST, OUTLN, PM, SCOTT, SPATIAL_CSW_ADMIN_USR, SYSTEM, XDB UNDER ANY TABLE: O12TEST, SYSTEM UNDER ANY TYPE: O12TEST, SYSTEM UNDER ANY VIEW: O12TEST, SYSTEM UNLIMITED TABLESPACE: BI, CTXSYS, DBSFWUSER, DBSNMP, GGSYS, GSMADMIN_INTERNAL, GSMUSER, HR, IX, MDSYS, O12TEST, OE, OJVMSYS, ORDDATA, ORDSYS, OUTLN, PM, SCOTT, SH, SI_INFORMTN_SCHEMA, SYSBACKUP, SYSTEM, WMSYS, XDB UPDATE ANY CUBE: O12TEST, OLAPSYS, SYSTEM UPDATE ANY CUBE BUILD PROCESS: O12TEST, OLAPSYS, SYSTEM UPDATE ANY CUBE DIMENSION: O12TEST, OLAPSYS, SYSTEM UPDATE ANY TABLE: GSMADMIN_INTERNAL, MDSYS, O12TEST, OLAPSYS, SYSTEM, WMSYS USE ANY JOB RESOURCE: O12TEST, SYSTEM USE ANY SQL TRANSLATION PROFILE: O12TEST, SYSTEM (*) = granted with admin option | ||
Remarks | System privileges provide the ability to access data or perform administrative operations for the entire database. Consistent with the principle of least privilege, these privileges should be granted sparingly. The Privilege Analysis feature of Database Vault may be helpful to determine the minimum set of privileges required by a user or role. In some cases, it may be possible to substitute a more limited object privilege grant in place of a system privilege grant that applies to all objects. System privileges should be granted with admin option only when the recipient needs the ability to grant the privilege to others. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.7 |
PRIV.ROLES | CIS | ||
Status | Evaluate | ||
Summary | 125 grants of roles. | ||
Details | Users directly or indirectly granted each role: AQ_ADMINISTRATOR_ROLE: GSMCATUSER, IX, MDSYS, SYSRAC, SYSTEM AQ_USER_ROLE: IX CAPTURE_ADMIN: O12TEST, SYSTEM CDB_DBA: DBSNMP CONNECT: GGSYS, GSMCATUSER, GSMUSER, IX, MDDATA, MDSYS, PM, SCOTT, SPATIAL_CSW_ADMIN_USR CTXAPP: CTXSYS, MDSYS, XDB DATAPUMP_EXP_FULL_DATABASE: GSMADMIN_INTERNAL, O12TEST, SYSTEM DATAPUMP_IMP_FULL_DATABASE: GSMADMIN_INTERNAL, O12TEST, SYSTEM DBA: O12TEST, SYSTEM DBFS_ROLE: XDB EM_EXPRESS_ALL: O12TEST, SYSTEM EM_EXPRESS_BASIC: O12TEST, SYSTEM EXECUTE_CATALOG_ROLE: GSMADMIN_INTERNAL, O12TEST, SYSTEM EXP_FULL_DATABASE: GSMADMIN_INTERNAL, O12TEST, SYSTEM GATHER_SYSTEM_STATISTICS: O12TEST, SYSTEM GSMADMIN_ROLE: GSMCATUSER GSMUSER_ROLE: GSMUSER GSM_POOLADMIN_ROLE: GSMCATUSER HS_ADMIN_EXECUTE_ROLE: GSMADMIN_INTERNAL, O12TEST, SYSTEM HS_ADMIN_SELECT_ROLE: DBSNMP, GSMADMIN_INTERNAL, IX, O12TEST, SH, SYS$UMF, SYSBACKUP, SYSTEM IMP_FULL_DATABASE: GSMADMIN_INTERNAL, O12TEST, SYSTEM JAVAUSERPRIV: ORDSYS JAVA_ADMIN: O12TEST, SYSTEM JAVA_DEPLOY: O12TEST, SYSTEM OEM_MONITOR: DBSNMP OLAP_DBA: O12TEST, OLAPSYS, SYSTEM OLAP_XS_ADMIN: O12TEST, SYSTEM OPTIMIZER_PROCESSING_RATE: O12TEST, SYSTEM RECOVERY_CATALOG_OWNER: (none) RECOVERY_CATALOG_USER: (none) RESOURCE: BI, CTXSYS, GGSYS, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OUTLN, PM, SCOTT, SH, SPATIAL_CSW_ADMIN_USR, XDB SCHEDULER_ADMIN: O12TEST, SYSTEM SELECT_CATALOG_ROLE: DBSNMP, GSMADMIN_INTERNAL, IX, O12TEST, SH, SYS$UMF, SYSBACKUP, SYSTEM SODA_APP: BI, CTXSYS, GGSYS, HR, IX, MDDATA, MDSYS, O12TEST, OE, OJVMSYS, OUTLN, PM, SCOTT, SH, SPATIAL_CSW_ADMIN_USR, XDB SPATIAL_CSW_ADMIN: SPATIAL_CSW_ADMIN_USR SYSUMF_ROLE: SYS$UMF WM_ADMIN_ROLE: O12TEST, SYSTEM, WMSYS XDBADMIN: GSMCATUSER, O12TEST, OE, SYSTEM XDB_SET_INVOKER: O12TEST, SYSTEM | ||
Remarks | Roles are a convenient way to manage groups of related privileges, especially when the privileges are required for a particular task or job function. Beware of broadly defined roles, which may confer more privileges than an individual recipient requires. Roles should be granted with admin option only when the recipient needs the ability to modify the role or grant it to others. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.4.1 |
PRIV.ACCT | |||
Status | Evaluate | ||
Summary | 34 grants of account management privileges. | ||
Details | Grants of ALTER USER, CREATE USER, DROP USER: GSMADMIN_INTERNAL: ALTER USER GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE: ALTER USER GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: ALTER USER, CREATE USER, DROP USER O12TEST <- DBA: ALTER USER, CREATE USER, DROP USER O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE: ALTER USER O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: ALTER USER, CREATE USER, DROP USER O12TEST <- DBA <- EM_EXPRESS_ALL: ALTER USER, CREATE USER, DROP USER O12TEST <- DBA <- IMP_FULL_DATABASE: ALTER USER, CREATE USER, DROP USER SYSTEM <- DBA: ALTER USER, CREATE USER, DROP USER SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE: ALTER USER SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: ALTER USER, CREATE USER, DROP USER SYSTEM <- DBA <- EM_EXPRESS_ALL: ALTER USER, CREATE USER, DROP USER SYSTEM <- DBA <- IMP_FULL_DATABASE: ALTER USER, CREATE USER, DROP USER WMSYS: ALTER USER, CREATE USER, DROP USER | ||
Remarks | User management privileges (ALTER USER, CREATE USER, DROP USER) can be used to create and modify other user accounts, including changing passwords. This power can be abused to gain access to another user's account, which may have greater privileges. |
PRIV.MGMT | CIS | ||
Status | Evaluate | ||
Summary | 64 grants of privilege management privileges. | ||
Details | Grants of ALTER ANY ROLE, CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE: GSMADMIN_INTERNAL: GRANT ANY PRIVILEGE, GRANT ANY ROLE GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE: GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE O12TEST <- DBA: ALTER ANY ROLE, CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE: GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE O12TEST <- DBA <- EM_EXPRESS_ALL: ALTER ANY ROLE, CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE O12TEST <- DBA <- IMP_FULL_DATABASE: CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE SPATIAL_CSW_ADMIN_USR: ALTER ANY ROLE, CREATE ROLE, DROP ANY ROLE, GRANT ANY ROLE SYSTEM <- DBA: ALTER ANY ROLE, CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE: GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE SYSTEM <- DBA <- EM_EXPRESS_ALL: ALTER ANY ROLE, CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE SYSTEM <- DBA <- IMP_FULL_DATABASE: CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE | ||
Remarks | Users with privilege management privileges (ALTER ANY ROLE, CREATE ROLE, DROP ANY ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE) can change the set of privileges granted to themselves and other users. This ability should be granted sparingly, since it can be used to circumvent many security controls in the database. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.3.10, 4.3.11, 4.3.12 |
PRIV.DBMGMT | CIS | ||
Status | Evaluate | ||
Summary | 35 grants of database management privilege. | ||
Details | Grants of ALTER DATABASE, ALTER SYSTEM, CREATE ANY LIBRARY, CREATE LIBRARY: GSMADMIN_INTERNAL: ALTER SYSTEM, CREATE LIBRARY GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE: ALTER DATABASE GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: ALTER DATABASE, CREATE ANY LIBRARY GSMCATUSER <- GSMADMIN_ROLE: ALTER SYSTEM MDSYS: CREATE LIBRARY O12TEST <- DBA: ALTER DATABASE, ALTER SYSTEM, CREATE ANY LIBRARY, CREATE LIBRARY O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE: ALTER DATABASE O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: ALTER DATABASE, CREATE ANY LIBRARY O12TEST <- DBA <- EM_EXPRESS_ALL: ALTER SYSTEM O12TEST <- DBA <- IMP_FULL_DATABASE: ALTER DATABASE, CREATE ANY LIBRARY SPATIAL_CSW_ADMIN_USR: CREATE LIBRARY SYSBACKUP: ALTER DATABASE, ALTER SYSTEM SYSDG: ALTER DATABASE, ALTER SYSTEM SYSRAC: ALTER DATABASE, ALTER SYSTEM SYSTEM <- DBA: ALTER DATABASE, ALTER SYSTEM, CREATE ANY LIBRARY, CREATE LIBRARY SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE: ALTER DATABASE SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: ALTER DATABASE, CREATE ANY LIBRARY SYSTEM <- DBA <- EM_EXPRESS_ALL: ALTER SYSTEM SYSTEM <- DBA <- IMP_FULL_DATABASE: ALTER DATABASE, CREATE ANY LIBRARY XDB: CREATE LIBRARY | ||
Remarks | Database management privileges (ALTER DATABASE, ALTER SYSTEM, CREATE ANY LIBRARY, CREATE LIBRARY) can be used to change the operation of the database and potentially bypass security protections. This ability should be granted only to trusted administrators. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.3.7, 4.3.8, 4.3.9 |
PRIV.AUDIT | CIS | ||
Status | Evaluate | ||
Summary | 23 grants of audit privilege. | ||
Details | Grants of AUDIT ANY, AUDIT SYSTEM: GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE: AUDIT ANY, AUDIT SYSTEM GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: AUDIT ANY, AUDIT SYSTEM O12TEST <- DBA: AUDIT ANY, AUDIT SYSTEM O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE: AUDIT ANY, AUDIT SYSTEM O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: AUDIT ANY, AUDIT SYSTEM O12TEST <- DBA <- IMP_FULL_DATABASE: AUDIT ANY, AUDIT SYSTEM SYSBACKUP: AUDIT ANY SYSTEM <- DBA: AUDIT ANY, AUDIT SYSTEM SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE: AUDIT ANY, AUDIT SYSTEM SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: AUDIT ANY, AUDIT SYSTEM SYSTEM <- DBA <- IMP_FULL_DATABASE: AUDIT ANY, AUDIT SYSTEM (no users) <- AUDIT_ADMIN: AUDIT ANY, AUDIT SYSTEM | ||
Remarks | Audit management privileges (AUDIT ANY, AUDIT SYSTEM) can be used to change the audit policies for the database. This ability should be granted sparingly, since it may be used to hide malicious activity. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.3.3 |
PRIV.DATA | CIS | ||
Status | Evaluate | ||
Summary | 126 grants of data access privileges. | ||
Details | Grants of ALTER ANY TABLE, ALTER ANY TRIGGER, CREATE ANY INDEX, CREATE ANY PROCEDURE, CREATE ANY TRIGGER, DELETE ANY TABLE, INSERT ANY TABLE, READ ANY TABLE, SELECT ANY DICTIONARY, SELECT ANY TABLE, UPDATE ANY TABLE: DBSNMP: SELECT ANY DICTIONARY DBSNMP <- OEM_MONITOR: SELECT ANY DICTIONARY GGSYS: ALTER ANY TABLE, SELECT ANY DICTIONARY, SELECT ANY TABLE GSMADMIN_INTERNAL: ALTER ANY TABLE, SELECT ANY DICTIONARY, SELECT ANY TABLE GSMADMIN_INTERNAL <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: SELECT ANY TABLE GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE: DELETE ANY TABLE, SELECT ANY TABLE GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: SELECT ANY TABLE GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: ALTER ANY TABLE, ALTER ANY TRIGGER, CREATE ANY INDEX, CREATE ANY PROCEDURE, CREATE ANY TRIGGER, DELETE ANY TABLE, INSERT ANY TABLE, SELECT ANY TABLE, UPDATE ANY TABLE GSMUSER: ALTER ANY TABLE, CREATE ANY INDEX, CREATE ANY PROCEDURE IX: SELECT ANY DICTIONARY MDSYS: ALTER ANY TABLE, CREATE ANY TRIGGER, DELETE ANY TABLE, SELECT ANY TABLE, UPDATE ANY TABLE O12TEST: SELECT ANY DICTIONARY O12TEST <- DBA: ALTER ANY TABLE, ALTER ANY TRIGGER, CREATE ANY INDEX, CREATE ANY PROCEDURE, CREATE ANY TRIGGER, DELETE ANY TABLE, INSERT ANY TABLE, READ ANY TABLE, SELECT ANY DICTIONARY, SELECT ANY TABLE, UPDATE ANY TABLE O12TEST <- DBA <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: SELECT ANY TABLE O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE: DELETE ANY TABLE, SELECT ANY TABLE O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: SELECT ANY TABLE O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: ALTER ANY TABLE, ALTER ANY TRIGGER, CREATE ANY INDEX, CREATE ANY PROCEDURE, CREATE ANY TRIGGER, DELETE ANY TABLE, INSERT ANY TABLE, SELECT ANY TABLE, UPDATE ANY TABLE O12TEST <- DBA <- EXP_FULL_DATABASE: SELECT ANY TABLE O12TEST <- DBA <- IMP_FULL_DATABASE: ALTER ANY TABLE, ALTER ANY TRIGGER, CREATE ANY INDEX, CREATE ANY PROCEDURE, CREATE ANY TRIGGER, DELETE ANY TABLE, INSERT ANY TABLE, SELECT ANY TABLE, UPDATE ANY TABLE O12TEST <- DBA <- OLAP_DBA: DELETE ANY TABLE, INSERT ANY TABLE, SELECT ANY TABLE, UPDATE ANY TABLE OLAPSYS <- OLAP_DBA: DELETE ANY TABLE, INSERT ANY TABLE, SELECT ANY TABLE, UPDATE ANY TABLE SCOTT: SELECT ANY DICTIONARY, SELECT ANY TABLE SYSBACKUP: SELECT ANY DICTIONARY SYSDG: SELECT ANY DICTIONARY SYSTEM: SELECT ANY TABLE SYSTEM <- DBA: ALTER ANY TABLE, ALTER ANY TRIGGER, CREATE ANY INDEX, CREATE ANY PROCEDURE, CREATE ANY TRIGGER, DELETE ANY TABLE, INSERT ANY TABLE, READ ANY TABLE, SELECT ANY DICTIONARY, SELECT ANY TABLE, UPDATE ANY TABLE SYSTEM <- DBA <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: SELECT ANY TABLE SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE: DELETE ANY TABLE, SELECT ANY TABLE SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: SELECT ANY TABLE SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: ALTER ANY TABLE, ALTER ANY TRIGGER, CREATE ANY INDEX, CREATE ANY PROCEDURE, CREATE ANY TRIGGER, DELETE ANY TABLE, INSERT ANY TABLE, SELECT ANY TABLE, UPDATE ANY TABLE SYSTEM <- DBA <- EXP_FULL_DATABASE: SELECT ANY TABLE SYSTEM <- DBA <- IMP_FULL_DATABASE: ALTER ANY TABLE, ALTER ANY TRIGGER, CREATE ANY INDEX, CREATE ANY PROCEDURE, CREATE ANY TRIGGER, DELETE ANY TABLE, INSERT ANY TABLE, SELECT ANY TABLE, UPDATE ANY TABLE SYSTEM <- DBA <- OLAP_DBA: DELETE ANY TABLE, INSERT ANY TABLE, SELECT ANY TABLE, UPDATE ANY TABLE WMSYS: ALTER ANY TABLE, ALTER ANY TRIGGER, CREATE ANY INDEX, CREATE ANY PROCEDURE, CREATE ANY TRIGGER, DELETE ANY TABLE, INSERT ANY TABLE, SELECT ANY DICTIONARY, SELECT ANY TABLE, UPDATE ANY TABLE | ||
Remarks | Users with data access privileges (ALTER ANY TABLE, ALTER ANY TRIGGER, CREATE ANY INDEX, CREATE ANY PROCEDURE, CREATE ANY TRIGGER, DELETE ANY TABLE, INSERT ANY TABLE, READ ANY TABLE, SELECT ANY DICTIONARY, SELECT ANY TABLE, UPDATE ANY TABLE) can override various access controls on data. Most administrative tasks do not require access to the data itself, so these privileges should be granted rarely even to administrators. In addition to minimizing grants of these privileges, consider the use of Database Vault realms to limit the use of these privileges to access sensitive data. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.3.1, 4.3.2 |
PRIV.EXEMPT | CIS | ||
Status | Evaluate | ||
Summary | 9 grants of access control exemption privileges. | ||
Details | Grants of EXEMPT ACCESS POLICY, EXEMPT REDACTION POLICY: GSMADMIN_INTERNAL <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: EXEMPT REDACTION POLICY GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: EXEMPT REDACTION POLICY MDSYS: EXEMPT ACCESS POLICY O12TEST <- DBA <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: EXEMPT REDACTION POLICY O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: EXEMPT REDACTION POLICY O12TEST <- DBA <- EXP_FULL_DATABASE: EXEMPT REDACTION POLICY SYSTEM <- DBA <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: EXEMPT REDACTION POLICY SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: EXEMPT REDACTION POLICY SYSTEM <- DBA <- EXP_FULL_DATABASE: EXEMPT REDACTION POLICY | ||
Remarks | Users with exemption privileges (EXEMPT ACCESS POLICY, EXEMPT REDACTION POLICY) can bypass the access control policies created using Virtual Private Database and Data Redaction. Most administrative tasks do not require access to the data itself, so these privileges should be granted rarely even to administrators. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.3.4 |
PRIV.PASSWD | CIS | ||
Status | Pass | ||
Summary | No grants of object privileges on restricted objects. | ||
Remarks | Users with these privileges can access objects that contain user password verifiers. The verifiers can be used in offline attacks to discover user passwords. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.6 |
PRIV.OBJ | |||
Status | Evaluate | ||
Summary | 746 grants of object privileges on restricted objects. | ||
Details | Grants of DELETE, INSERT, UPDATE on SYS, DVSYS, or LBACSYS objects: GGSYS: DELETE on SYS.DDL_REQUESTS, DELETE on SYS.DDL_REQUESTS_PWD, INSERT on SYS.DDL_REQUESTS, INSERT on SYS.DDL_REQUESTS_PWD, UPDATE on SYS.DDL_REQUESTS, UPDATE on SYS.DDL_REQUESTS_PWD GSMADMIN_INTERNAL: DELETE on SYS.DDL_REQUESTS, DELETE on SYS.DDL_REQUESTS_PWD, INSERT on SYS.DDL_REQUESTS, INSERT on SYS.DDL_REQUESTS_PWD, UPDATE on SYS.DDL_REQUESTS, UPDATE on SYS.DDL_REQUESTS_PWD GSMADMIN_INTERNAL <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: DELETE on SYS.INCEXP, DELETE on SYS.INCFIL, DELETE on SYS.INCVID, INSERT on SYS.INCEXP, INSERT on SYS.INCFIL, INSERT on SYS.INCVID, UPDATE on SYS.INCEXP, UPDATE on SYS.INCFIL, UPDATE on SYS.INCVID GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: DELETE on SYS.INCEXP, DELETE on SYS.INCFIL, DELETE on SYS.INCVID, INSERT on SYS.INCEXP, INSERT on SYS.INCFIL, INSERT on SYS.INCVID, UPDATE on SYS.INCEXP, UPDATE on SYS.INCFIL, UPDATE on SYS.INCVID GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: DELETE on SYS.EXPIMP_TTS_CT$, DELETE on SYS.RADM_FPTM$, INSERT on SYS.EXPIMP_TTS_CT$, INSERT on SYS.RADM_FPTM$, UPDATE on SYS.EXPIMP_TTS_CT$ O12TEST <- DBA: INSERT on SYS.XSDB$SCHEMA_ACL, UPDATE on SYS.XSDB$SCHEMA_ACL O12TEST <- DBA <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: DELETE on SYS.INCEXP, DELETE on SYS.INCFIL, DELETE on SYS.INCVID, INSERT on SYS.INCEXP, INSERT on SYS.INCFIL, INSERT on SYS.INCVID, UPDATE on SYS.INCEXP, UPDATE on SYS.INCFIL, UPDATE on SYS.INCVID O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: DELETE on SYS.INCEXP, DELETE on SYS.INCFIL, DELETE on SYS.INCVID, INSERT on SYS.INCEXP, INSERT on SYS.INCFIL, INSERT on SYS.INCVID, UPDATE on SYS.INCEXP, UPDATE on SYS.INCFIL, UPDATE on SYS.INCVID O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: DELETE on SYS.EXPIMP_TTS_CT$, DELETE on SYS.RADM_FPTM$, INSERT on SYS.EXPIMP_TTS_CT$, INSERT on SYS.RADM_FPTM$, UPDATE on SYS.EXPIMP_TTS_CT$ O12TEST <- DBA <- EXP_FULL_DATABASE: DELETE on SYS.INCEXP, DELETE on SYS.INCFIL, DELETE on SYS.INCVID, INSERT on SYS.INCEXP, INSERT on SYS.INCFIL, INSERT on SYS.INCVID, UPDATE on SYS.INCEXP, UPDATE on SYS.INCFIL, UPDATE on SYS.INCVID O12TEST <- DBA <- GATHER_SYSTEM_STATISTICS: DELETE on SYS.AUX_STATS$, DELETE on SYS.WRI$_OPTSTAT_AUX_HISTORY, INSERT on SYS.AUX_STATS$, INSERT on SYS.WRI$_OPTSTAT_AUX_HISTORY, UPDATE on SYS.AUX_STATS$, UPDATE on SYS.WRI$_OPTSTAT_AUX_HISTORY O12TEST <- DBA <- IMP_FULL_DATABASE: DELETE on SYS.EXPIMP_TTS_CT$, DELETE on SYS.RADM_FPTM$, INSERT on SYS.EXPIMP_TTS_CT$, INSERT on SYS.RADM_FPTM$, UPDATE on SYS.EXPIMP_TTS_CT$ O12TEST <- DBA <- OPTIMIZER_PROCESSING_RATE: DELETE on SYS.OPT_CALIBRATION_STATS$, INSERT on SYS.OPT_CALIBRATION_STATS$, UPDATE on SYS.OPT_CALIBRATION_STATS$ ORDSYS: DELETE on SYS.EXPDEPACT$, DELETE on SYS.EXPDEPOBJ$, DELETE on SYS.EXPPKGACT$, DELETE on SYS.EXPPKGOBJ$, INSERT on SYS.EXPDEPACT$, INSERT on SYS.EXPDEPOBJ$, INSERT on SYS.EXPPKGACT$, INSERT on SYS.EXPPKGOBJ$ SYS$UMF <- SYSUMF_ROLE: DELETE on SYS.UMF$_LINK, DELETE on SYS.UMF$_REGISTRATION, DELETE on SYS.UMF$_SERVICE, DELETE on SYS.UMF$_TOPOLOGY, DELETE on SYS.WRH$_ACTIVE_SESSION_HISTORY, DELETE on SYS.WRH$_ASM_BAD_DISK, DELETE on SYS.WRH$_ASM_DISKGROUP, DELETE on SYS.WRH$_ASM_DISKGROUP_STAT, DELETE on SYS.WRH$_BG_EVENT_SUMMARY, DELETE on SYS.WRH$_BUFFERED_QUEUES, DELETE on SYS.WRH$_BUFFERED_SUBSCRIBERS, DELETE on SYS.WRH$_BUFFER_POOL_STATISTICS, DELETE on SYS.WRH$_CELL_CONFIG, DELETE on SYS.WRH$_CELL_CONFIG_DETAIL, DELETE on SYS.WRH$_CELL_DB, DELETE on SYS.WRH$_CELL_DISK_SUMMARY, DELETE on SYS.WRH$_CELL_GLOBAL, DELETE on SYS.WRH$_CELL_GLOBAL_SUMMARY, DELETE on SYS.WRH$_CELL_IOREASON, DELETE on SYS.WRH$_CELL_IOREASON_NAME, DELETE on SYS.WRH$_CELL_METRIC_DESC, DELETE on SYS.WRH$_CELL_OPEN_ALERTS, DELETE on SYS.WRH$_CHANNEL_WAITS, DELETE on SYS.WRH$_CLUSTER_INTERCON, DELETE on SYS.WRH$_COMP_IOSTAT, DELETE on SYS.WRH$_CON_SYSMETRIC_HISTORY, DELETE on SYS.WRH$_CON_SYSMETRIC_SUMMARY, DELETE on SYS.WRH$_CON_SYSSTAT, DELETE on SYS.WRH$_CON_SYSTEM_EVENT, DELETE on SYS.WRH$_CON_SYS_TIME_MODEL, DELETE on SYS.WRH$_CR_BLOCK_SERVER, DELETE on SYS.WRH$_CURRENT_BLOCK_SERVER, DELETE on SYS.WRH$_DATAFILE, DELETE on SYS.WRH$_DB_CACHE_ADVICE, DELETE on SYS.WRH$_DISPATCHER, DELETE on SYS.WRH$_DLM_MISC, DELETE on SYS.WRH$_DYN_REMASTER_STATS, DELETE on SYS.WRH$_ENQUEUE_STAT, DELETE on SYS.WRH$_EVENT_HISTOGRAM, DELETE on SYS.WRH$_EVENT_NAME, DELETE on SYS.WRH$_FILEMETRIC_HISTORY, DELETE on SYS.WRH$_FILESTATXS, DELETE on SYS.WRH$_IC_CLIENT_STATS, DELETE on SYS.WRH$_IC_DEVICE_STATS, DELETE on SYS.WRH$_IM_SEG_STAT, DELETE on SYS.WRH$_IM_SEG_STAT_OBJ, DELETE on SYS.WRH$_INSTANCE_RECOVERY, DELETE on SYS.WRH$_INST_CACHE_TRANSFER, DELETE on SYS.WRH$_INTERCONNECT_PINGS, DELETE on SYS.WRH$_IOSTAT_DETAIL, DELETE on SYS.WRH$_IOSTAT_FILETYPE, DELETE on SYS.WRH$_IOSTAT_FILETYPE_NAME, DELETE on SYS.WRH$_IOSTAT_FUNCTION, DELETE on SYS.WRH$_IOSTAT_FUNCTION_NAME, DELETE on SYS.WRH$_JAVA_POOL_ADVICE, DELETE on SYS.WRH$_LATCH, DELETE on SYS.WRH$_LATCH_CHILDREN, DELETE on SYS.WRH$_LATCH_MISSES_SUMMARY, DELETE on SYS.WRH$_LATCH_NAME, DELETE on SYS.WRH$_LATCH_PARENT, DELETE on SYS.WRH$_LIBRARYCACHE, DELETE on SYS.WRH$_LMS_STATS, DELETE on SYS.WRH$_LOG, DELETE on SYS.WRH$_MEMORY_RESIZE_OPS, DELETE on SYS.WRH$_MEMORY_TARGET_ADVICE, DELETE on SYS.WRH$_MEM_DYNAMIC_COMP, DELETE on SYS.WRH$_METRIC_NAME, DELETE on SYS.WRH$_MTTR_TARGET_ADVICE, DELETE on SYS.WRH$_MUTEX_SLEEP, DELETE on SYS.WRH$_MVPARAMETER, DELETE on SYS.WRH$_OPTIMIZER_ENV, DELETE on SYS.WRH$_OSSTAT, DELETE on SYS.WRH$_OSSTAT_NAME, DELETE on SYS.WRH$_PARAMETER, DELETE on SYS.WRH$_PARAMETER_NAME, DELETE on SYS.WRH$_PERSISTENT_QMN_CACHE, DELETE on SYS.WRH$_PERSISTENT_QUEUES, DELETE on SYS.WRH$_PERSISTENT_SUBSCRIBERS, DELETE on SYS.WRH$_PGASTAT, DELETE on SYS.WRH$_PGA_TARGET_ADVICE, DELETE on SYS.WRH$_PLAN_OPERATION_NAME, DELETE on SYS.WRH$_PLAN_OPTION_NAME, DELETE on SYS.WRH$_PROCESS_MEMORY_SUMMARY, DELETE on SYS.WRH$_RECOVERY_PROGRESS, DELETE on SYS.WRH$_REPLICATION_TBL_STATS, DELETE on SYS.WRH$_REPLICATION_TXN_STATS, DELETE on SYS.WRH$_RESOURCE_LIMIT, DELETE on SYS.WRH$_ROWCACHE_SUMMARY, DELETE on SYS.WRH$_RSRC_CONSUMER_GROUP, DELETE on SYS.WRH$_RSRC_METRIC, DELETE on SYS.WRH$_RSRC_PDB_METRIC, DELETE on SYS.WRH$_RSRC_PLAN, DELETE on SYS.WRH$_RULE_SET, DELETE on SYS.WRH$_SEG_STAT, DELETE on SYS.WRH$_SEG_STAT_OBJ, DELETE on SYS.WRH$_SERVICE_NAME, DELETE on SYS.WRH$_SERVICE_STAT, DELETE on SYS.WRH$_SERVICE_WAIT_CLASS, DELETE on SYS.WRH$_SESSMETRIC_HISTORY, DELETE on SYS.WRH$_SESS_SGA_STATS, DELETE on SYS.WRH$_SESS_TIME_STATS, DELETE on SYS.WRH$_SGA, DELETE on SYS.WRH$_SGASTAT, DELETE on SYS.WRH$_SGA_TARGET_ADVICE, DELETE on SYS.WRH$_SHARED_POOL_ADVICE, DELETE on SYS.WRH$_SHARED_SERVER_SUMMARY, DELETE on SYS.WRH$_SQLCOMMAND_NAME, DELETE on SYS.WRH$_SQLSTAT, DELETE on SYS.WRH$_SQLTEXT, DELETE on SYS.WRH$_SQL_BIND_METADATA, DELETE on SYS.WRH$_SQL_PLAN, DELETE on SYS.WRH$_SQL_SUMMARY, DELETE on SYS.WRH$_SQL_WORKAREA_HISTOGRAM, DELETE on SYS.WRH$_STAT_NAME, DELETE on SYS.WRH$_STREAMS_APPLY_SUM, DELETE on SYS.WRH$_STREAMS_CAPTURE, DELETE on SYS.WRH$_STREAMS_POOL_ADVICE, DELETE on SYS.WRH$_SYSMETRIC_HISTORY, DELETE on SYS.WRH$_SYSMETRIC_SUMMARY, DELETE on SYS.WRH$_SYSSTAT, DELETE on SYS.WRH$_SYSTEM_EVENT, DELETE on SYS.WRH$_SYS_TIME_MODEL, DELETE on SYS.WRH$_TABLESPACE, DELETE on SYS.WRH$_TABLESPACE_SPACE_USAGE, DELETE on SYS.WRH$_TABLESPACE_STAT, DELETE on SYS.WRH$_TEMPFILE, DELETE on SYS.WRH$_TEMPSTATXS, DELETE on SYS.WRH$_THREAD, DELETE on SYS.WRH$_TOPLEVELCALL_NAME, DELETE on SYS.WRH$_UNDOSTAT, DELETE on SYS.WRH$_WAITCLASSMETRIC_HISTORY, DELETE on SYS.WRH$_WAITSTAT, DELETE on SYS.WRHS$_CELL_IOREASON_NAME, DELETE on SYS.WRHS$_CELL_METRIC_DESC, DELETE on SYS.WRHS$_DATAFILE, DELETE on SYS.WRHS$_EVENT_NAME, DELETE on SYS.WRHS$_IM_SEG_STAT_OBJ, DELETE on SYS.WRHS$_IOSTAT_FILETYPE_NAME, DELETE on SYS.WRHS$_IOSTAT_FUNCTION_NAME, DELETE on SYS.WRHS$_LATCH_NAME, DELETE on SYS.WRHS$_METRIC_NAME, DELETE on SYS.WRHS$_OPTIMIZER_ENV, DELETE on SYS.WRHS$_OSSTAT_NAME, DELETE on SYS.WRHS$_PARAMETER_NAME, DELETE on SYS.WRHS$_PLAN_OPERATION_NAME, DELETE on SYS.WRHS$_PLAN_OPTION_NAME, DELETE on SYS.WRHS$_SEG_STAT_OBJ, DELETE on SYS.WRHS$_SERVICE_NAME, DELETE on SYS.WRHS$_SQLCOMMAND_NAME, DELETE on SYS.WRHS$_SQLTEXT, DELETE on SYS.WRHS$_SQL_BIND_METADATA, DELETE on SYS.WRHS$_SQL_PLAN, DELETE on SYS.WRHS$_STAT_NAME, DELETE on SYS.WRHS$_TABLESPACE, DELETE on SYS.WRHS$_TEMPFILE, DELETE on SYS.WRHS$_TOPLEVELCALL_NAME, DELETE on SYS.WRI$_ADV_ACTIONS, DELETE on SYS.WRI$_ADV_DEF_PARAMETERS, DELETE on SYS.WRI$_ADV_DIRECTIVE_DEFS, DELETE on SYS.WRI$_ADV_DIRECTIVE_INSTANCES, DELETE on SYS.WRI$_ADV_EXECUTIONS, DELETE on SYS.WRI$_ADV_EXEC_PARAMETERS, DELETE on SYS.WRI$_ADV_FINDINGS, DELETE on SYS.WRI$_ADV_INST_FDG, DELETE on SYS.WRI$_ADV_JOURNAL, DELETE on SYS.WRI$_ADV_MESSAGE_GROUPS, DELETE on SYS.WRI$_ADV_OBJECTS, DELETE on SYS.WRI$_ADV_PARAMETERS, DELETE on SYS.WRI$_ADV_RATIONALE, DELETE on SYS.WRI$_ADV_RECOMMENDATIONS, DELETE on SYS.WRI$_ADV_REC_ACTIONS, DELETE on SYS.WRI$_ADV_SQLT_BINDS, DELETE on SYS.WRI$_ADV_SQLT_PLANS, DELETE on SYS.WRI$_ADV_SQLT_PLAN_HASH, DELETE on SYS.WRI$_ADV_SQLT_PLAN_STATS, DELETE on SYS.WRI$_ADV_SQLT_RTN_PLAN, DELETE on SYS.WRI$_ADV_SQLT_STATISTICS, DELETE on SYS.WRI$_ADV_TASKS, DELETE on SYS.WRI$_ADV_USAGE, DELETE on SYS.WRI$_ALERT_HISTORY, DELETE on SYS.WRI$_OPTSTAT_OPR, DELETE on SYS.WRI$_SEGADV_CNTRLTAB, DELETE on SYS.WRI$_SEGADV_OBJLIST, DELETE on SYS.WRI$_SQLSET_DEFINITIONS, DELETE on SYS.WRI$_SQLSET_REFERENCES, DELETE on SYS.WRI$_SQLTEXT_REFCOUNT, DELETE on SYS.WRM$_ACTIVE_PDBS, DELETE on SYS.WRM$_BASELINE, DELETE on SYS.WRM$_BASELINE_DETAILS, DELETE on SYS.WRM$_BASELINE_TEMPLATE, DELETE on SYS.WRM$_COLORED_SQL, DELETE on SYS.WRM$_DATABASE_INSTANCE, DELETE on SYS.WRM$_PDB_INSTANCE, DELETE on SYS.WRM$_PDB_IN_SNAP, DELETE on SYS.WRM$_SNAPSHOT, DELETE on SYS.WRM$_SNAPSHOT_DETAILS, DELETE on SYS.WRM$_SNAP_ERROR, DELETE on SYS.WRM$_WR_CONTROL, DELETE on SYS.WRM$_WR_SETTINGS, DELETE on SYS.WRM$_WR_USAGE, DELETE on SYS.WRMS$_SNAPSHOT, INSERT on SYS.UMF$_LINK, INSERT on SYS.UMF$_REGISTRATION, INSERT on SYS.UMF$_SERVICE, INSERT on SYS.UMF$_TOPOLOGY, INSERT on SYS.WRH$_ACTIVE_SESSION_HISTORY, INSERT on SYS.WRH$_ASM_BAD_DISK, INSERT on SYS.WRH$_ASM_DISKGROUP, INSERT on SYS.WRH$_ASM_DISKGROUP_STAT, INSERT on SYS.WRH$_BG_EVENT_SUMMARY, INSERT on SYS.WRH$_BUFFERED_QUEUES, INSERT on SYS.WRH$_BUFFERED_SUBSCRIBERS, INSERT on SYS.WRH$_BUFFER_POOL_STATISTICS, INSERT on SYS.WRH$_CELL_CONFIG, INSERT on SYS.WRH$_CELL_CONFIG_DETAIL, INSERT on SYS.WRH$_CELL_DB, INSERT on SYS.WRH$_CELL_DISK_SUMMARY, INSERT on SYS.WRH$_CELL_GLOBAL, INSERT on SYS.WRH$_CELL_GLOBAL_SUMMARY, INSERT on SYS.WRH$_CELL_IOREASON, INSERT on SYS.WRH$_CELL_IOREASON_NAME, INSERT on SYS.WRH$_CELL_METRIC_DESC, INSERT on SYS.WRH$_CELL_OPEN_ALERTS, INSERT on SYS.WRH$_CHANNEL_WAITS, INSERT on SYS.WRH$_CLUSTER_INTERCON, INSERT on SYS.WRH$_COMP_IOSTAT, INSERT on SYS.WRH$_CON_SYSMETRIC_HISTORY, INSERT on SYS.WRH$_CON_SYSMETRIC_SUMMARY, INSERT on SYS.WRH$_CON_SYSSTAT, INSERT on SYS.WRH$_CON_SYSTEM_EVENT, INSERT on SYS.WRH$_CON_SYS_TIME_MODEL, INSERT on SYS.WRH$_CR_BLOCK_SERVER, INSERT on SYS.WRH$_CURRENT_BLOCK_SERVER, INSERT on SYS.WRH$_DATAFILE, INSERT on SYS.WRH$_DB_CACHE_ADVICE, INSERT on SYS.WRH$_DISPATCHER, INSERT on SYS.WRH$_DLM_MISC, INSERT on SYS.WRH$_DYN_REMASTER_STATS, INSERT on SYS.WRH$_ENQUEUE_STAT, INSERT on SYS.WRH$_EVENT_HISTOGRAM, INSERT on SYS.WRH$_EVENT_NAME, INSERT on SYS.WRH$_FILEMETRIC_HISTORY, INSERT on SYS.WRH$_FILESTATXS, INSERT on SYS.WRH$_IC_CLIENT_STATS, INSERT on SYS.WRH$_IC_DEVICE_STATS, INSERT on SYS.WRH$_IM_SEG_STAT, INSERT on SYS.WRH$_IM_SEG_STAT_OBJ, INSERT on SYS.WRH$_INSTANCE_RECOVERY, INSERT on SYS.WRH$_INST_CACHE_TRANSFER, INSERT on SYS.WRH$_INTERCONNECT_PINGS, INSERT on SYS.WRH$_IOSTAT_DETAIL, INSERT on SYS.WRH$_IOSTAT_FILETYPE, INSERT on SYS.WRH$_IOSTAT_FILETYPE_NAME, INSERT on SYS.WRH$_IOSTAT_FUNCTION, INSERT on SYS.WRH$_IOSTAT_FUNCTION_NAME, INSERT on SYS.WRH$_JAVA_POOL_ADVICE, INSERT on SYS.WRH$_LATCH, INSERT on SYS.WRH$_LATCH_CHILDREN, INSERT on SYS.WRH$_LATCH_MISSES_SUMMARY, INSERT on SYS.WRH$_LATCH_NAME, INSERT on SYS.WRH$_LATCH_PARENT, INSERT on SYS.WRH$_LIBRARYCACHE, INSERT on SYS.WRH$_LMS_STATS, INSERT on SYS.WRH$_LOG, INSERT on SYS.WRH$_MEMORY_RESIZE_OPS, INSERT on SYS.WRH$_MEMORY_TARGET_ADVICE, INSERT on SYS.WRH$_MEM_DYNAMIC_COMP, INSERT on SYS.WRH$_METRIC_NAME, INSERT on SYS.WRH$_MTTR_TARGET_ADVICE, INSERT on SYS.WRH$_MUTEX_SLEEP, INSERT on SYS.WRH$_MVPARAMETER, INSERT on SYS.WRH$_OPTIMIZER_ENV, INSERT on SYS.WRH$_OSSTAT, INSERT on SYS.WRH$_OSSTAT_NAME, INSERT on SYS.WRH$_PARAMETER, INSERT on SYS.WRH$_PARAMETER_NAME, INSERT on SYS.WRH$_PERSISTENT_QMN_CACHE, INSERT on SYS.WRH$_PERSISTENT_QUEUES, INSERT on SYS.WRH$_PERSISTENT_SUBSCRIBERS, INSERT on SYS.WRH$_PGASTAT, INSERT on SYS.WRH$_PGA_TARGET_ADVICE, INSERT on SYS.WRH$_PLAN_OPERATION_NAME, INSERT on SYS.WRH$_PLAN_OPTION_NAME, INSERT on SYS.WRH$_PROCESS_MEMORY_SUMMARY, INSERT on SYS.WRH$_RECOVERY_PROGRESS, INSERT on SYS.WRH$_REPLICATION_TBL_STATS, INSERT on SYS.WRH$_REPLICATION_TXN_STATS, INSERT on SYS.WRH$_RESOURCE_LIMIT, INSERT on SYS.WRH$_ROWCACHE_SUMMARY, INSERT on SYS.WRH$_RSRC_CONSUMER_GROUP, INSERT on SYS.WRH$_RSRC_METRIC, INSERT on SYS.WRH$_RSRC_PDB_METRIC, INSERT on SYS.WRH$_RSRC_PLAN, INSERT on SYS.WRH$_RULE_SET, INSERT on SYS.WRH$_SEG_STAT, INSERT on SYS.WRH$_SEG_STAT_OBJ, INSERT on SYS.WRH$_SERVICE_NAME, INSERT on SYS.WRH$_SERVICE_STAT, INSERT on SYS.WRH$_SERVICE_WAIT_CLASS, INSERT on SYS.WRH$_SESSMETRIC_HISTORY, INSERT on SYS.WRH$_SESS_SGA_STATS, INSERT on SYS.WRH$_SESS_TIME_STATS, INSERT on SYS.WRH$_SGA, INSERT on SYS.WRH$_SGASTAT, INSERT on SYS.WRH$_SGA_TARGET_ADVICE, INSERT on SYS.WRH$_SHARED_POOL_ADVICE, INSERT on SYS.WRH$_SHARED_SERVER_SUMMARY, INSERT on SYS.WRH$_SQLCOMMAND_NAME, INSERT on SYS.WRH$_SQLSTAT, INSERT on SYS.WRH$_SQLTEXT, INSERT on SYS.WRH$_SQL_BIND_METADATA, INSERT on SYS.WRH$_SQL_PLAN, INSERT on SYS.WRH$_SQL_SUMMARY, INSERT on SYS.WRH$_SQL_WORKAREA_HISTOGRAM, INSERT on SYS.WRH$_STAT_NAME, INSERT on SYS.WRH$_STREAMS_APPLY_SUM, INSERT on SYS.WRH$_STREAMS_CAPTURE, INSERT on SYS.WRH$_STREAMS_POOL_ADVICE, INSERT on SYS.WRH$_SYSMETRIC_HISTORY, INSERT on SYS.WRH$_SYSMETRIC_SUMMARY, INSERT on SYS.WRH$_SYSSTAT, INSERT on SYS.WRH$_SYSTEM_EVENT, INSERT on SYS.WRH$_SYS_TIME_MODEL, INSERT on SYS.WRH$_TABLESPACE, INSERT on SYS.WRH$_TABLESPACE_SPACE_USAGE, INSERT on SYS.WRH$_TABLESPACE_STAT, INSERT on SYS.WRH$_TEMPFILE, INSERT on SYS.WRH$_TEMPSTATXS, INSERT on SYS.WRH$_THREAD, INSERT on SYS.WRH$_TOPLEVELCALL_NAME, INSERT on SYS.WRH$_UNDOSTAT, INSERT on SYS.WRH$_WAITCLASSMETRIC_HISTORY, INSERT on SYS.WRH$_WAITSTAT, INSERT on SYS.WRHS$_CELL_IOREASON_NAME, INSERT on SYS.WRHS$_CELL_METRIC_DESC, INSERT on SYS.WRHS$_DATAFILE, INSERT on SYS.WRHS$_EVENT_NAME, INSERT on SYS.WRHS$_IM_SEG_STAT_OBJ, INSERT on SYS.WRHS$_IOSTAT_FILETYPE_NAME, INSERT on SYS.WRHS$_IOSTAT_FUNCTION_NAME, INSERT on SYS.WRHS$_LATCH_NAME, INSERT on SYS.WRHS$_METRIC_NAME, INSERT on SYS.WRHS$_OPTIMIZER_ENV, INSERT on SYS.WRHS$_OSSTAT_NAME, INSERT on SYS.WRHS$_PARAMETER_NAME, INSERT on SYS.WRHS$_PLAN_OPERATION_NAME, INSERT on SYS.WRHS$_PLAN_OPTION_NAME, INSERT on SYS.WRHS$_SEG_STAT_OBJ, INSERT on SYS.WRHS$_SERVICE_NAME, INSERT on SYS.WRHS$_SQLCOMMAND_NAME, INSERT on SYS.WRHS$_SQLTEXT, INSERT on SYS.WRHS$_SQL_BIND_METADATA, INSERT on SYS.WRHS$_SQL_PLAN, INSERT on SYS.WRHS$_STAT_NAME, INSERT on SYS.WRHS$_TABLESPACE, INSERT on SYS.WRHS$_TEMPFILE, INSERT on SYS.WRHS$_TOPLEVELCALL_NAME, INSERT on SYS.WRI$_ADV_ACTIONS, INSERT on SYS.WRI$_ADV_DEF_PARAMETERS, INSERT on SYS.WRI$_ADV_DIRECTIVE_DEFS, INSERT on SYS.WRI$_ADV_DIRECTIVE_INSTANCES, INSERT on SYS.WRI$_ADV_EXECUTIONS, INSERT on SYS.WRI$_ADV_EXEC_PARAMETERS, INSERT on SYS.WRI$_ADV_FINDINGS, INSERT on SYS.WRI$_ADV_INST_FDG, INSERT on SYS.WRI$_ADV_JOURNAL, INSERT on SYS.WRI$_ADV_MESSAGE_GROUPS, INSERT on SYS.WRI$_ADV_OBJECTS, INSERT on SYS.WRI$_ADV_PARAMETERS, INSERT on SYS.WRI$_ADV_RATIONALE, INSERT on SYS.WRI$_ADV_RECOMMENDATIONS, INSERT on SYS.WRI$_ADV_REC_ACTIONS, INSERT on SYS.WRI$_ADV_SQLT_BINDS, INSERT on SYS.WRI$_ADV_SQLT_PLANS, INSERT on SYS.WRI$_ADV_SQLT_PLAN_HASH, INSERT on SYS.WRI$_ADV_SQLT_PLAN_STATS, INSERT on SYS.WRI$_ADV_SQLT_RTN_PLAN, INSERT on SYS.WRI$_ADV_SQLT_STATISTICS, INSERT on SYS.WRI$_ADV_TASKS, INSERT on SYS.WRI$_ADV_USAGE, INSERT on SYS.WRI$_ALERT_HISTORY, INSERT on SYS.WRI$_OPTSTAT_OPR, INSERT on SYS.WRI$_SEGADV_CNTRLTAB, INSERT on SYS.WRI$_SEGADV_OBJLIST, INSERT on SYS.WRI$_SQLSET_DEFINITIONS, INSERT on SYS.WRI$_SQLSET_REFERENCES, INSERT on SYS.WRI$_SQLTEXT_REFCOUNT, INSERT on SYS.WRM$_ACTIVE_PDBS, INSERT on SYS.WRM$_BASELINE, INSERT on SYS.WRM$_BASELINE_DETAILS, INSERT on SYS.WRM$_BASELINE_TEMPLATE, INSERT on SYS.WRM$_COLORED_SQL, INSERT on SYS.WRM$_DATABASE_INSTANCE, INSERT on SYS.WRM$_PDB_INSTANCE, INSERT on SYS.WRM$_PDB_IN_SNAP, INSERT on SYS.WRM$_SNAPSHOT, INSERT on SYS.WRM$_SNAPSHOT_DETAILS, INSERT on SYS.WRM$_SNAP_ERROR, INSERT on SYS.WRM$_WR_CONTROL, INSERT on SYS.WRM$_WR_SETTINGS, INSERT on SYS.WRM$_WR_USAGE, INSERT on SYS.WRMS$_SNAPSHOT, UPDATE on SYS.UMF$_LINK, UPDATE on SYS.UMF$_REGISTRATION, UPDATE on SYS.UMF$_SERVICE, UPDATE on SYS.UMF$_TOPOLOGY, UPDATE on SYS.WRH$_ACTIVE_SESSION_HISTORY, UPDATE on SYS.WRH$_ASM_BAD_DISK, UPDATE on SYS.WRH$_ASM_DISKGROUP, UPDATE on SYS.WRH$_ASM_DISKGROUP_STAT, UPDATE on SYS.WRH$_BG_EVENT_SUMMARY, UPDATE on SYS.WRH$_BUFFERED_QUEUES, UPDATE on SYS.WRH$_BUFFERED_SUBSCRIBERS, UPDATE on SYS.WRH$_BUFFER_POOL_STATISTICS, UPDATE on SYS.WRH$_CELL_CONFIG, UPDATE on SYS.WRH$_CELL_CONFIG_DETAIL, UPDATE on SYS.WRH$_CELL_DB, UPDATE on SYS.WRH$_CELL_DISK_SUMMARY, UPDATE on SYS.WRH$_CELL_GLOBAL, UPDATE on SYS.WRH$_CELL_GLOBAL_SUMMARY, UPDATE on SYS.WRH$_CELL_IOREASON, UPDATE on SYS.WRH$_CELL_IOREASON_NAME, UPDATE on SYS.WRH$_CELL_METRIC_DESC, UPDATE on SYS.WRH$_CELL_OPEN_ALERTS, UPDATE on SYS.WRH$_CHANNEL_WAITS, UPDATE on SYS.WRH$_CLUSTER_INTERCON, UPDATE on SYS.WRH$_COMP_IOSTAT, UPDATE on SYS.WRH$_CON_SYSMETRIC_HISTORY, UPDATE on SYS.WRH$_CON_SYSMETRIC_SUMMARY, UPDATE on SYS.WRH$_CON_SYSSTAT, UPDATE on SYS.WRH$_CON_SYSTEM_EVENT, UPDATE on SYS.WRH$_CON_SYS_TIME_MODEL, UPDATE on SYS.WRH$_CR_BLOCK_SERVER, UPDATE on SYS.WRH$_CURRENT_BLOCK_SERVER, UPDATE on SYS.WRH$_DATAFILE, UPDATE on SYS.WRH$_DB_CACHE_ADVICE, UPDATE on SYS.WRH$_DISPATCHER, UPDATE on SYS.WRH$_DLM_MISC, UPDATE on SYS.WRH$_DYN_REMASTER_STATS, UPDATE on SYS.WRH$_ENQUEUE_STAT, UPDATE on SYS.WRH$_EVENT_HISTOGRAM, UPDATE on SYS.WRH$_EVENT_NAME, UPDATE on SYS.WRH$_FILEMETRIC_HISTORY, UPDATE on SYS.WRH$_FILESTATXS, UPDATE on SYS.WRH$_IC_CLIENT_STATS, UPDATE on SYS.WRH$_IC_DEVICE_STATS, UPDATE on SYS.WRH$_IM_SEG_STAT, UPDATE on SYS.WRH$_IM_SEG_STAT_OBJ, UPDATE on SYS.WRH$_INSTANCE_RECOVERY, UPDATE on SYS.WRH$_INST_CACHE_TRANSFER, UPDATE on SYS.WRH$_INTERCONNECT_PINGS, UPDATE on SYS.WRH$_IOSTAT_DETAIL, UPDATE on SYS.WRH$_IOSTAT_FILETYPE, UPDATE on SYS.WRH$_IOSTAT_FILETYPE_NAME, UPDATE on SYS.WRH$_IOSTAT_FUNCTION, UPDATE on SYS.WRH$_IOSTAT_FUNCTION_NAME, UPDATE on SYS.WRH$_JAVA_POOL_ADVICE, UPDATE on SYS.WRH$_LATCH, UPDATE on SYS.WRH$_LATCH_CHILDREN, UPDATE on SYS.WRH$_LATCH_MISSES_SUMMARY, UPDATE on SYS.WRH$_LATCH_NAME, UPDATE on SYS.WRH$_LATCH_PARENT, UPDATE on SYS.WRH$_LIBRARYCACHE, UPDATE on SYS.WRH$_LMS_STATS, UPDATE on SYS.WRH$_LOG, UPDATE on SYS.WRH$_MEMORY_RESIZE_OPS, UPDATE on SYS.WRH$_MEMORY_TARGET_ADVICE, UPDATE on SYS.WRH$_MEM_DYNAMIC_COMP, UPDATE on SYS.WRH$_METRIC_NAME, UPDATE on SYS.WRH$_MTTR_TARGET_ADVICE, UPDATE on SYS.WRH$_MUTEX_SLEEP, UPDATE on SYS.WRH$_MVPARAMETER, UPDATE on SYS.WRH$_OPTIMIZER_ENV, UPDATE on SYS.WRH$_OSSTAT, UPDATE on SYS.WRH$_OSSTAT_NAME, UPDATE on SYS.WRH$_PARAMETER, UPDATE on SYS.WRH$_PARAMETER_NAME, UPDATE on SYS.WRH$_PERSISTENT_QMN_CACHE, UPDATE on SYS.WRH$_PERSISTENT_QUEUES, UPDATE on SYS.WRH$_PERSISTENT_SUBSCRIBERS, UPDATE on SYS.WRH$_PGASTAT, UPDATE on SYS.WRH$_PGA_TARGET_ADVICE, UPDATE on SYS.WRH$_PLAN_OPERATION_NAME, UPDATE on SYS.WRH$_PLAN_OPTION_NAME, UPDATE on SYS.WRH$_PROCESS_MEMORY_SUMMARY, UPDATE on SYS.WRH$_RECOVERY_PROGRESS, UPDATE on SYS.WRH$_REPLICATION_TBL_STATS, UPDATE on SYS.WRH$_REPLICATION_TXN_STATS, UPDATE on SYS.WRH$_RESOURCE_LIMIT, UPDATE on SYS.WRH$_ROWCACHE_SUMMARY, UPDATE on SYS.WRH$_RSRC_CONSUMER_GROUP, UPDATE on SYS.WRH$_RSRC_METRIC, UPDATE on SYS.WRH$_RSRC_PDB_METRIC, UPDATE on SYS.WRH$_RSRC_PLAN, UPDATE on SYS.WRH$_RULE_SET, UPDATE on SYS.WRH$_SEG_STAT, UPDATE on SYS.WRH$_SEG_STAT_OBJ, UPDATE on SYS.WRH$_SERVICE_NAME, UPDATE on SYS.WRH$_SERVICE_STAT, UPDATE on SYS.WRH$_SERVICE_WAIT_CLASS, UPDATE on SYS.WRH$_SESSMETRIC_HISTORY, UPDATE on SYS.WRH$_SESS_SGA_STATS, UPDATE on SYS.WRH$_SESS_TIME_STATS, UPDATE on SYS.WRH$_SGA, UPDATE on SYS.WRH$_SGASTAT, UPDATE on SYS.WRH$_SGA_TARGET_ADVICE, UPDATE on SYS.WRH$_SHARED_POOL_ADVICE, UPDATE on SYS.WRH$_SHARED_SERVER_SUMMARY, UPDATE on SYS.WRH$_SQLCOMMAND_NAME, UPDATE on SYS.WRH$_SQLSTAT, UPDATE on SYS.WRH$_SQLTEXT, UPDATE on SYS.WRH$_SQL_BIND_METADATA, UPDATE on SYS.WRH$_SQL_PLAN, UPDATE on SYS.WRH$_SQL_SUMMARY, UPDATE on SYS.WRH$_SQL_WORKAREA_HISTOGRAM, UPDATE on SYS.WRH$_STAT_NAME, UPDATE on SYS.WRH$_STREAMS_APPLY_SUM, UPDATE on SYS.WRH$_STREAMS_CAPTURE, UPDATE on SYS.WRH$_STREAMS_POOL_ADVICE, UPDATE on SYS.WRH$_SYSMETRIC_HISTORY, UPDATE on SYS.WRH$_SYSMETRIC_SUMMARY, UPDATE on SYS.WRH$_SYSSTAT, UPDATE on SYS.WRH$_SYSTEM_EVENT, UPDATE on SYS.WRH$_SYS_TIME_MODEL, UPDATE on SYS.WRH$_TABLESPACE, UPDATE on SYS.WRH$_TABLESPACE_SPACE_USAGE, UPDATE on SYS.WRH$_TABLESPACE_STAT, UPDATE on SYS.WRH$_TEMPFILE, UPDATE on SYS.WRH$_TEMPSTATXS, UPDATE on SYS.WRH$_THREAD, UPDATE on SYS.WRH$_TOPLEVELCALL_NAME, UPDATE on SYS.WRH$_UNDOSTAT, UPDATE on SYS.WRH$_WAITCLASSMETRIC_HISTORY, UPDATE on SYS.WRH$_WAITSTAT, UPDATE on SYS.WRHS$_CELL_IOREASON_NAME, UPDATE on SYS.WRHS$_CELL_METRIC_DESC, UPDATE on SYS.WRHS$_DATAFILE, UPDATE on SYS.WRHS$_EVENT_NAME, UPDATE on SYS.WRHS$_IM_SEG_STAT_OBJ, UPDATE on SYS.WRHS$_IOSTAT_FILETYPE_NAME, UPDATE on SYS.WRHS$_IOSTAT_FUNCTION_NAME, UPDATE on SYS.WRHS$_LATCH_NAME, UPDATE on SYS.WRHS$_METRIC_NAME, UPDATE on SYS.WRHS$_OPTIMIZER_ENV, UPDATE on SYS.WRHS$_OSSTAT_NAME, UPDATE on SYS.WRHS$_PARAMETER_NAME, UPDATE on SYS.WRHS$_PLAN_OPERATION_NAME, UPDATE on SYS.WRHS$_PLAN_OPTION_NAME, UPDATE on SYS.WRHS$_SEG_STAT_OBJ, UPDATE on SYS.WRHS$_SERVICE_NAME, UPDATE on SYS.WRHS$_SQLCOMMAND_NAME, UPDATE on SYS.WRHS$_SQLTEXT, UPDATE on SYS.WRHS$_SQL_BIND_METADATA, UPDATE on SYS.WRHS$_SQL_PLAN, UPDATE on SYS.WRHS$_STAT_NAME, UPDATE on SYS.WRHS$_TABLESPACE, UPDATE on SYS.WRHS$_TEMPFILE, UPDATE on SYS.WRHS$_TOPLEVELCALL_NAME, UPDATE on SYS.WRI$_ADV_ACTIONS, UPDATE on SYS.WRI$_ADV_DEF_PARAMETERS, UPDATE on SYS.WRI$_ADV_DIRECTIVE_DEFS, UPDATE on SYS.WRI$_ADV_DIRECTIVE_INSTANCES, UPDATE on SYS.WRI$_ADV_EXECUTIONS, UPDATE on SYS.WRI$_ADV_EXEC_PARAMETERS, UPDATE on SYS.WRI$_ADV_FINDINGS, UPDATE on SYS.WRI$_ADV_INST_FDG, UPDATE on SYS.WRI$_ADV_JOURNAL, UPDATE on SYS.WRI$_ADV_MESSAGE_GROUPS, UPDATE on SYS.WRI$_ADV_OBJECTS, UPDATE on SYS.WRI$_ADV_PARAMETERS, UPDATE on SYS.WRI$_ADV_RATIONALE, UPDATE on SYS.WRI$_ADV_RECOMMENDATIONS, UPDATE on SYS.WRI$_ADV_REC_ACTIONS, UPDATE on SYS.WRI$_ADV_SQLT_BINDS, UPDATE on SYS.WRI$_ADV_SQLT_PLANS, UPDATE on SYS.WRI$_ADV_SQLT_PLAN_HASH, UPDATE on SYS.WRI$_ADV_SQLT_PLAN_STATS, UPDATE on SYS.WRI$_ADV_SQLT_RTN_PLAN, UPDATE on SYS.WRI$_ADV_SQLT_STATISTICS, UPDATE on SYS.WRI$_ADV_TASKS, UPDATE on SYS.WRI$_ADV_USAGE, UPDATE on SYS.WRI$_ALERT_HISTORY, UPDATE on SYS.WRI$_OPTSTAT_OPR, UPDATE on SYS.WRI$_SEGADV_CNTRLTAB, UPDATE on SYS.WRI$_SEGADV_OBJLIST, UPDATE on SYS.WRI$_SQLSET_DEFINITIONS, UPDATE on SYS.WRI$_SQLSET_REFERENCES, UPDATE on SYS.WRI$_SQLTEXT_REFCOUNT, UPDATE on SYS.WRM$_ACTIVE_PDBS, UPDATE on SYS.WRM$_BASELINE, UPDATE on SYS.WRM$_BASELINE_DETAILS, UPDATE on SYS.WRM$_BASELINE_TEMPLATE, UPDATE on SYS.WRM$_COLORED_SQL, UPDATE on SYS.WRM$_DATABASE_INSTANCE, UPDATE on SYS.WRM$_PDB_INSTANCE, UPDATE on SYS.WRM$_PDB_IN_SNAP, UPDATE on SYS.WRM$_SNAPSHOT, UPDATE on SYS.WRM$_SNAPSHOT_DETAILS, UPDATE on SYS.WRM$_SNAP_ERROR, UPDATE on SYS.WRM$_WR_CONTROL, UPDATE on SYS.WRM$_WR_SETTINGS, UPDATE on SYS.WRM$_WR_USAGE, UPDATE on SYS.WRMS$_SNAPSHOT SYSBACKUP: DELETE on SYS.APPLY$_SOURCE_SCHEMA, INSERT on SYS.APPLY$_SOURCE_SCHEMA SYSTEM <- DBA: INSERT on SYS.XSDB$SCHEMA_ACL, UPDATE on SYS.XSDB$SCHEMA_ACL SYSTEM <- DBA <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: DELETE on SYS.INCEXP, DELETE on SYS.INCFIL, DELETE on SYS.INCVID, INSERT on SYS.INCEXP, INSERT on SYS.INCFIL, INSERT on SYS.INCVID, UPDATE on SYS.INCEXP, UPDATE on SYS.INCFIL, UPDATE on SYS.INCVID SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: DELETE on SYS.INCEXP, DELETE on SYS.INCFIL, DELETE on SYS.INCVID, INSERT on SYS.INCEXP, INSERT on SYS.INCFIL, INSERT on SYS.INCVID, UPDATE on SYS.INCEXP, UPDATE on SYS.INCFIL, UPDATE on SYS.INCVID SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: DELETE on SYS.EXPIMP_TTS_CT$, DELETE on SYS.RADM_FPTM$, INSERT on SYS.EXPIMP_TTS_CT$, INSERT on SYS.RADM_FPTM$, UPDATE on SYS.EXPIMP_TTS_CT$ SYSTEM <- DBA <- EXP_FULL_DATABASE: DELETE on SYS.INCEXP, DELETE on SYS.INCFIL, DELETE on SYS.INCVID, INSERT on SYS.INCEXP, INSERT on SYS.INCFIL, INSERT on SYS.INCVID, UPDATE on SYS.INCEXP, UPDATE on SYS.INCFIL, UPDATE on SYS.INCVID SYSTEM <- DBA <- GATHER_SYSTEM_STATISTICS: DELETE on SYS.AUX_STATS$, DELETE on SYS.WRI$_OPTSTAT_AUX_HISTORY, INSERT on SYS.AUX_STATS$, INSERT on SYS.WRI$_OPTSTAT_AUX_HISTORY, UPDATE on SYS.AUX_STATS$, UPDATE on SYS.WRI$_OPTSTAT_AUX_HISTORY SYSTEM <- DBA <- IMP_FULL_DATABASE: DELETE on SYS.EXPIMP_TTS_CT$, DELETE on SYS.RADM_FPTM$, INSERT on SYS.EXPIMP_TTS_CT$, INSERT on SYS.RADM_FPTM$, UPDATE on SYS.EXPIMP_TTS_CT$ SYSTEM <- DBA <- OPTIMIZER_PROCESSING_RATE: DELETE on SYS.OPT_CALIBRATION_STATS$, INSERT on SYS.OPT_CALIBRATION_STATS$, UPDATE on SYS.OPT_CALIBRATION_STATS$ WMSYS: DELETE on SYS.NOEXP$, INSERT on SYS.NOEXP$ | ||
Remarks | Users with these privileges can directly modify objects in the SYS, DVSYS, or LBACSYS schemas. Manipulating these system objects may allow security protections to be circumvented or otherwise interfere with normal operation of the database. |
PRIV.USER | CIS | ||
Status | Evaluate | ||
Summary | 7 grants of user impersonation privilege. 1 grant of EXECUTE on restricted packages. | ||
Details | Grants of BECOME USER: GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: BECOME USER O12TEST <- DBA: BECOME USER O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: BECOME USER O12TEST <- DBA <- IMP_FULL_DATABASE: BECOME USER SYSTEM <- DBA: BECOME USER SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: BECOME USER SYSTEM <- DBA <- IMP_FULL_DATABASE: BECOME USER Grants of EXECUTE on DBMS_AQADM_SYS, DBMS_AQADM_SYSCALLS, DBMS_IJOB, DBMS_PRVTAQIM, DBMS_REPCAT_SQL_UTL, DBMS_SCHEDULER, DBMS_STREAMS_ADM_UTL, DBMS_STREAMS_RPC, DBMS_SYS_SQL, INITJVMAUX, LTADM, WWV_DBMS_SQL, WWV_EXECUTE_IMMEDIATE: GSMADMIN_INTERNAL: EXECUTE on DBMS_SYS_SQL | ||
Remarks | The BECOME USER privilege and these PL/SQL packages (DBMS_AQADM_SYS, DBMS_AQADM_SYSCALLS, DBMS_IJOB, DBMS_PRVTAQIM, DBMS_REPCAT_SQL_UTL, DBMS_SCHEDULER, DBMS_STREAMS_ADM_UTL, DBMS_STREAMS_RPC, DBMS_SYS_SQL, INITJVMAUX, LTADM, WWV_DBMS_SQL, WWV_EXECUTE_IMMEDIATE) allow for execution of SQL code or external jobs using the identity of a different user. Access should be strictly limited and granted only to users with a legitimate need for this functionality. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.1.10, 4.2.1, 4.2.3 - 4.2.13, 4.3.5 |
PRIV.EXFIL | CIS | ||
Status | Evaluate | ||
Summary | 1 grant of EXECUTE on restricted packages. | ||
Details | Grants of EXECUTE on DBMS_BACKUP_RESTORE, UTL_DBWS, UTL_ORAMTS: SYSBACKUP: EXECUTE on DBMS_BACKUP_RESTORE | ||
Remarks | These PL/SQL packages (DBMS_BACKUP_RESTORE, UTL_DBWS, UTL_ORAMTS) can send data from the database using the network or file system. Access should be granted only to users with a legitimate need for this functionality. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.1.19, 4.1.20, 4.2.2 |
PRIV.SYSPUB | |||
Status | Pass | ||
Summary | No grants of system privileges to PUBLIC. | ||
Remarks | Privileges granted to PUBLIC are available to all users. This generally should include few, if any, system privileges since these will not be needed by ordinary users who are not administrators. |
PRIV.ROLEPUB | |||
Status | Pass | ||
Summary | No grants of roles to PUBLIC. | ||
Remarks | Roles granted to PUBLIC are available to all users. Most roles contain privileges that are not appropriate for all users. |
PRIV.COLPUB | |||
Status | Pass | ||
Summary | No grants of column privileges to PUBLIC. | ||
Remarks | Privileges granted to PUBLIC are available to all users. This should include column privileges only for data that is intended to be accessible to everyone. |
PRIV.DBA | CIS | ||
Status | Evaluate | ||
Summary | 2 grants of DBA role. | ||
Details | Grants of DBA role: O12TEST: DBA SYSTEM: DBA | ||
Remarks | The DBA role is very powerful and can be used to bypass many security protections. It should be granted to only a small number of trusted administrators. Furthermore, each trusted user should have an individual account for accountability reasons. As with any powerful role, avoid granting the DBA role with admin option unless absolutely necessary. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.4.4 |
PRIV.BIGROLES | CIS | ||
Status | Evaluate | ||
Summary | 59 grants of powerful roles (1 with admin option). | ||
Details | Grants of AQ_ADMINISTRATOR_ROLE, EM_EXPRESS_ALL, EXP_FULL_DATABASE, IMP_FULL_DATABASE, SELECT_CATALOG_ROLE, EXECUTE_CATALOG_ROLE, DELETE_CATALOG_ROLE, OEM_MONITOR roles: DBSNMP: OEM_MONITOR DBSNMP <- OEM_MONITOR: SELECT_CATALOG_ROLE GSMADMIN_INTERNAL <- DATAPUMP_EXP_FULL_DATABASE: EXP_FULL_DATABASE GSMADMIN_INTERNAL <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE: EXP_FULL_DATABASE, IMP_FULL_DATABASE GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE GSMADMIN_INTERNAL <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE GSMCATUSER: AQ_ADMINISTRATOR_ROLE GSMCATUSER <- GSMADMIN_ROLE: AQ_ADMINISTRATOR_ROLE IX: AQ_ADMINISTRATOR_ROLE, SELECT_CATALOG_ROLE MDSYS: AQ_ADMINISTRATOR_ROLE O12TEST <- DBA: EM_EXPRESS_ALL, EXECUTE_CATALOG_ROLE, EXP_FULL_DATABASE, IMP_FULL_DATABASE, SELECT_CATALOG_ROLE O12TEST <- DBA <- DATAPUMP_EXP_FULL_DATABASE: EXP_FULL_DATABASE O12TEST <- DBA <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE: EXP_FULL_DATABASE, IMP_FULL_DATABASE O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE O12TEST <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE O12TEST <- DBA <- EM_EXPRESS_ALL <- EM_EXPRESS_BASIC: SELECT_CATALOG_ROLE O12TEST <- DBA <- EXP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE O12TEST <- DBA <- IMP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE SH: SELECT_CATALOG_ROLE SYS$UMF <- SYSUMF_ROLE: SELECT_CATALOG_ROLE SYSBACKUP: SELECT_CATALOG_ROLE SYSRAC: AQ_ADMINISTRATOR_ROLE SYSTEM: AQ_ADMINISTRATOR_ROLE(*) SYSTEM <- DBA: EM_EXPRESS_ALL, EXECUTE_CATALOG_ROLE, EXP_FULL_DATABASE, IMP_FULL_DATABASE, SELECT_CATALOG_ROLE SYSTEM <- DBA <- DATAPUMP_EXP_FULL_DATABASE: EXP_FULL_DATABASE SYSTEM <- DBA <- DATAPUMP_EXP_FULL_DATABASE <- EXP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE: EXP_FULL_DATABASE, IMP_FULL_DATABASE SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- EXP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE SYSTEM <- DBA <- DATAPUMP_IMP_FULL_DATABASE <- IMP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE SYSTEM <- DBA <- EM_EXPRESS_ALL <- EM_EXPRESS_BASIC: SELECT_CATALOG_ROLE SYSTEM <- DBA <- EXP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE SYSTEM <- DBA <- IMP_FULL_DATABASE: EXECUTE_CATALOG_ROLE, SELECT_CATALOG_ROLE (*) = granted with admin option | ||
Remarks | Like the DBA role, these roles (AQ_ADMINISTRATOR_ROLE, EM_EXPRESS_ALL, EXP_FULL_DATABASE, IMP_FULL_DATABASE, SELECT_CATALOG_ROLE, EXECUTE_CATALOG_ROLE, DELETE_CATALOG_ROLE, OEM_MONITOR) contain powerful privileges that can be used to bypass security protections. They should be granted only to a small number of trusted administrators. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 4.4.1, 4.4.2, 4.4.3 |
PRIV.JAVA | |||
Status | Evaluate | ||
Summary | Found 7 users or roles with Java permission. | ||
Details | Grantee: DBJAVASCRIPT GRANT, Name: oracle.DbmsJavaScriptUser, Type Schema: SYS, Type Name: java.lang.RuntimePermission Grantee: EJBCLIENT GRANT, Name: *, Type Schema: SYS, Type Name: java.net.SocketPermission, Action: connect,resolve GRANT, Name: createClassLoader, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: getClassLoader, Type Schema: SYS, Type Name: java.lang.RuntimePermission Grantee: JMXSERVER GRANT, Name: *, Type Schema: SYS, Type Name: java.net.SocketPermission, Action: accept,connect,listen,resolve GRANT, Name: control, Type Schema: SYS, Type Name: java.util.logging.LoggingPermission GRANT, Name: monitor, Type Schema: SYS, Type Name: java.lang.management.ManagementPermission GRANT, Name: setContextClassLoader, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: createMBeanServer, Type Schema: SYS, Type Name: javax.management.MBeanServerPermission GRANT, Name: control, Type Schema: SYS, Type Name: java.lang.management.ManagementPermission GRANT, Name: javax.net.ssl.*, Type Schema: SYS, Type Name: java.util.PropertyPermission, Action: read,write GRANT, Name: https.proxyHost, Type Schema: SYS, Type Name: java.util.PropertyPermission, Action: read,write GRANT, Name: javax.net.debug, Type Schema: SYS, Type Name: java.util.PropertyPermission, Action: read,write GRANT, Name: java.rmi.server.randomIDs, Type Schema: SYS, Type Name: java.util.PropertyPermission, Action: read,write GRANT, Name: com.sun.jmx.*, Type Schema: SYS, Type Name: java.util.PropertyPermission, Action: read,write GRANT, Name: com.sun.management.*, Type Schema: SYS, Type Name: java.util.PropertyPermission, Action: read,write GRANT, Name: *, Type Schema: SYS, Type Name: javax.management.MBeanPermission, Action: * GRANT, Name: javavm/lib/management/*, Type Schema: SYS, Type Name: java.io.FilePermission, Action: read GRANT, Name: javavm/lib/management/jmxremote.access, Type Schema: SYS, Type Name: java.io.FilePermission, Action: read GRANT, Name: javavm/lib/management/management.properties, Type Schema: SYS, Type Name: java.io.FilePermission, Action: read GRANT, Name: createAccessControlContext, Type Schema: SYS, Type Name: java.security.SecurityPermission GRANT, Name: accessClassInPackage.sun.management.*, Type Schema: SYS, Type Name: java.lang.RuntimePermission Grantee: MDSYS GRANT, Name: sdo\demo\georaster\jlibs\*, Type Schema: SYS, Type Name: java.io.FilePermission, Action: read GRANT, Name: getClassLoader, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: md\jlib\*, Type Schema: SYS, Type Name: java.io.FilePermission, Action: read GRANT, Name: sdo/demo/georaster/jlibs/*, Type Schema: SYS, Type Name: java.io.FilePermission, Action: read GRANT, Name: md/jlib/*, Type Schema: SYS, Type Name: java.io.FilePermission, Action: read GRANT, Name: accessClassInPackage.com.sun.media.jai.*, Type Schema: SYS, Type Name: java.lang.RuntimePermission Grantee: ORDSYS GRANT, Name: loadLibrary.oraordim12, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: loadLibrary.ordim12, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: control, Type Schema: SYS, Type Name: java.util.logging.LoggingPermission GRANT, Name: getClassLoader, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: <<ALL FILES>>, Type Schema: SYS, Type Name: java.io.FilePermission, Action: read,write,delete GRANT, Name: /tmp/*, Type Schema: SYS, Type Name: java.io.FilePermission, Action: read,write,delete GRANT, Name: accessClassInPackage.com.sun.imageio.plugins.jpeg, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: accessClassInPackage.com.sun.media.jai.codec, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: loadLibrary.clib_jiio, Type Schema: SYS, Type Name: java.lang.RuntimePermission Grantee: PUBLIC GRANT, Name: DUMMY, Type Schema: SYS, Type Name: oracle.aurora.security.JServerPermission GRANT, Name: *, Type Schema: SYS, Type Name: java.util.PropertyPermission, Action: read GRANT, Name: user.language, Type Schema: SYS, Type Name: java.util.PropertyPermission, Action: write GRANT, Name: exitVM, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: createSecurityManager, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: modifyThread, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: modifyThreadGroup, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: getenv.TNS_ADMIN, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: preferences, Type Schema: SYS, Type Name: java.lang.RuntimePermission GRANT, Name: LoadClassInPackage.*, Type Schema: SYS, Type Name: oracle.aurora.security.JServerPermission GRANT, Name: oracle.net.tns_admin, Type Schema: SYS, Type Name: java.util.PropertyPermission, Action: write GRANT, Name: getenv.ORACLE_HOME, Type Schema: SYS, Type Name: java.lang.RuntimePermission RESTRICT, Name: LoadClassInPackage.oracle.jdbc.*, Type Schema: SYS, Type Name: oracle.aurora.security.JServerPermission RESTRICT, Name: LoadClassInPackage.oracle.aurora.*, Type Schema: SYS, Type Name: oracle.aurora.security.JServerPermission RESTRICT, Name: LoadClassInPackage.java.*, Type Schema: SYS, Type Name: oracle.aurora.security.JServerPermission RESTRICT, Name: loadLibrary.*, Type Schema: SYS, Type Name: java.lang.RuntimePermission RESTRICT, Name: 0:java.lang.RuntimePermission#loadLibrary.*, Type Schema: SYS, Type Name: oracle.aurora.rdbms.security.PolicyTablePermission RESTRICT, Name: LoadClassInPackage.oracle.ord.*, Type Schema: SYS, Type Name: oracle.aurora.security.JServerPermission Grantee: SYSTEM GRANT, Name: <<ALL FILES>>, Type Schema: SYS, Type Name: java.io.FilePermission, Action: read | ||
Remarks | Java permission grants control the ability of database users to execute Java classes within the database server. A database user executing Java code must have both Java security permissions and database privileges to access resources within the database. These resources include database resources, such as tables and PL/SQL packages, operating system resources, such as files and sockets, Oracle JVM classes, and user-loaded classes. Make sure that these permissions are limited to the minimum required by each user. |
PRIV.ADMIN | |||
Status | Evaluate | ||
Summary | Found 4 users granted administrative privileges. Found 0 administrative privileges not granted to any user. | ||
Details | SYSDBA (1): SYS SYSOPER (1): SYS SYSBACKUP (1): SYSBACKUP SYSDG (1): SYSDG SYSKM (1): SYSKM | ||
Remarks | Administrative privileges allow a user to perform maintenance operations, including some that may occur while the database is not open. The SYSDBA privilege allows the user to run as SYS and perform virtually all privileged operations. Starting with Oracle Database 12.1, less powerful administrative privileges were introduced to allow users to perform common administrative tasks with less than full SYSDBA privileges. To achieve the benefit of this separation of duty, each of these administrative privileges should be granted to at least one user account. |
AUTH.DV | GDPR | ||
Status | Advisory | ||
Summary | Database Vault is not enabled. | ||
Remarks | Database Vault provides for configurable policies to control the actions of privileged administrative users, in order to protect against insider threats, stolen credentials, and human error. Data realms prevent unauthorized access to sensitive data objects, even by users with system privileges. Command rules limit the SQL commands and options that administrators can execute. | ||
References | EU General Data Protection Regulation 2016/679: Article 6, 25, 29, 32, 34, 89; Recital 28, 29, 78, 156 |
AUTH.PRIV | |||
Status | Advisory | ||
Summary | No privilege analysis policies found. | ||
Details | Users with EXECUTE on SYS.DBMS_PRIVILEGE_CAPTURE: O12TEST, SYSTEM | ||
Remarks | Privilege Analysis records the privileges used during a real or simulated workload. After collecting data about the privileges that are actually used, this information can be used to revoke privilege grants that are no longer needed. |
CRYPT.TDE | GDPR | ||
Status | Advisory | ||
Summary | No encrypted tablespaces found. No encrypted columns found. Examined 1 initialization parameter. | ||
Details | ENCRYPT_NEW_TABLESPACES=CLOUD_ONLY. Recommended value is ALWAYS. | ||
Remarks | Encryption of some sensitive data is a requirement in certain regulated environments. Transparent Data Encryption automatically encrypts data as it is stored and decrypts it upon retrieval. This protects sensitive data from attacks that bypass the database to read data files directly. Encryption keys may be stored in wallets on the database server itself, or stored remotely in Oracle Key Vault for improved security. The ENCRYPT_NEW_TABLESPACES parameter ensures that TDE tablespace encryption is applied to all newly created tablespaces. Setting this parameter to ALWAYS is recommended in order to protect all data regardless of the options specified when the tablespace is created. | ||
References | EU General Data Protection Regulation 2016/679: Article 6, 32, 34; Recital 83 |
CRYPT.WALLET | GDPR | ||
Status | Evaluate | ||
Summary | Found 1 wallet. No wallets are stored in the data file directory. | ||
Details | Encryption wallet location: /u00/app/oracle/admin/TVDNCDB/wallet Wallet type: FILE Status: NOT_AVAILABLE Keystore type: UNKNOWN Wallet order: SINGLE Data file directory: /u00/app/oracle/product/12.2.0.1/dbs | ||
Remarks | Wallets are encrypted files used to store encryption keys, passwords, and other sensitive data. Wallet files should not be stored in the same directory with database data files, to avoid accidentally creating backups that include both encrypted data files and the wallet containing the master key protecting those files. For maximum separation of keys and data, consider storing encryption keys in Oracle Key Vault instead of wallet files. | ||
References | EU General Data Protection Regulation 2016/679: Article 6, 32, 34; Recital 83 |
ACCESS.REDACT | GDPR | ||
Status | Advisory | ||
Summary | No data redaction policies found. | ||
Details | Users with EXEMPT REDACTION POLICY privilege: GSMADMIN_INTERNAL, O12TEST, SYSTEM Users with EXECUTE on SYS.DBMS_REDACT: GSMADMIN_INTERNAL, O12TEST, SYSTEM | ||
Remarks | Data Redaction automatically masks sensitive data found in the results of a database query. The data is masked immediately before it is returned as part of the result set, so it does not interfere with any conditions specified as part of the query. Access by users with the EXEMPT REDACTION POLICY privilege will not be affected by the redaction policy. Users who can execute the DBMS_REDACT package are able to create and modify redaction policies. Also consider the use of Oracle Data Masking and Subsetting to permanently mask sensitive data when making copies for test or development use. | ||
References | EU General Data Protection Regulation 2016/679: Article 6, 25, 32, 34, 89; Recital 28, 29, 78, 156 |
ACCESS.VPD | GDPR | ||
Status | Advisory | ||
Summary | No VPD policies found. | ||
Details | Users with EXEMPT ACCESS POLICY privilege: MDSYS Users with EXECUTE on SYS.DBMS_RLS: GSMADMIN_INTERNAL, MDSYS, O12TEST, SYSTEM, WMSYS, XDB | ||
Remarks | Virtual Private Database (VPD) allows for fine-grained control over which rows and columns of a table are visible to a SQL statement. Access control using VPD limits each database session to only the specific data it should be able to access. Access by users with the EXEMPT ACCESS POLICY privilege will not be affected by VPD policies. Users who can execute the DBMS_RLS package are able to create and modify these policies. | ||
References | EU General Data Protection Regulation 2016/679: Article 29, 32 |
ACCESS.RAS | GDPR | ||
Status | Advisory | ||
Summary | No RAS policies found. | ||
Details | Users with EXEMPT ACCESS POLICY privilege: MDSYS Users with ADMIN_ANY_SEC_POLICY privilege: O12TEST, SYSTEM Users with ADMIN_SEC_POLICY privilege: DBSFWUSER, O12TEST, SYSTEM Users with APPLY_SEC_POLICY privilege: (none) | ||
Remarks | Like Virtual Private Database, Real Application Security (RAS) provides fine-grained control over the rows and columns of a table that are visible to a SQL statement. Specification of RAS data access policies uses a declarative syntax based on access control lists. Access by users with the EXEMPT ACCESS POLICY privilege will not be affected by RAS access policies. Users with ADMIN_SEC_POLICY and APPLY_SEC_POLICY privileges are able to create and modify these policies. | ||
References | EU General Data Protection Regulation 2016/679: Article 6, 25, 32, 34, 89; Recital 28, 29, 64, 78, 156 |
ACCESS.OLS | GDPR | ||
Status | Advisory | ||
Summary | Label Security is not enabled. | ||
Remarks | Oracle Label Security provides the ability to tag data with a data label or a data classification. Access to sensitive data is controlled by comparing the data label with the requesting user's label or security clearance. A user label or security clearance can be thought of as an extension to standard database privileges and roles. Access by users with the EXEMPT ACCESS POLICY privilege will not be affected by the Label Security policies. Each policy has a corresponding role; users who have this role are able to administer the policy. | ||
References | EU General Data Protection Regulation 2016/679: Article 18, 29, 32; Recital 67 |
ACCESS.TSDP | |||
Status | Advisory | ||
Summary | No sensitive types and columns found. Found 0 TSDP policies. | ||
Details | Policies: (none) Users with EXECUTE on SYS.DBMS_TSDP_MANAGE: (none) Users with EXECUTE on SYS.DBMS_TSDP_PROTECT: (none) | ||
Remarks | Transparent Sensitive Data Protection (TSDP), introduced in Oracle Database 12.1, allows a data type to be associated with each column that contains sensitive data. TSDP can then apply various data security features to all instances of a particular type so that protection is uniform and consistent. Data from columns marked as sensitive is also automatically redacted in the database audit trail and trace logs. Users who can execute the DBMS_TSDP_MANAGE and DBMS_TSDP_PROTECT packages are able to manage sensitive data types and the protection actions that are applied to them. |
AUDIT.RECORDS | GDPR CIS | ||
Status | Evaluate | ||
Summary | Examined 3 audit trails. Found records in 1 audit trail. No errors found in audit initialization parameters. | ||
Details | Traditional Audit Trail: No records found FGA Audit Trail: No records found Unified Audit Trail: In use, 92 records found (Nov 06 2017 - Dec 02 2017) AUDIT_FILE_DEST=/u00/app/oracle/admin/TVDNCDB/adump AUDIT_SYSLOG_LEVEL is not set. AUDIT_TRAIL=DB | ||
Remarks | Auditing is an essential component for securing any system. The audit trail allows for monitoring the activities of highly privileged users. For any attack that exploits gaps in other security policies, auditing cannot prevent the attack but it forms the critical last line of defense by detecting the malicious activity. Sending audit data to a remote system is recommended in order to prevent any possible tampering with the audit records. The AUDIT_SYSLOG_LEVEL parameter can be set to send an abbreviated version of some audit records to a remote syslog collector. A better solution is to use Oracle Audit Vault and Database Firewall to centrally collect full audit records from multiple databases. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.2 EU General Data Protection Regulation 2016/679: Article 30, 33, 34 |
AUDIT.STMT | |||
Status | Evaluate | ||
Summary | Auditing enabled for 17 statements. | ||
Details | Unified Audit (17): ALTER DATABASE LINK, ALTER PLUGGABLE DATABASE, ALTER PROFILE, ALTER ROLE, ALTER USER, CREATE DATABASE LINK, CREATE DIRECTORY, CREATE PLUGGABLE DATABASE, CREATE PROFILE, CREATE ROLE, DROP DATABASE LINK, DROP DIRECTORY, DROP PLUGGABLE DATABASE, DROP PROFILE, DROP ROLE, LOGON, SET ROLE | ||
Remarks | This finding shows the SQL statements that are audited by enabled audit policies. |
AUDIT.OBJ | |||
Status | Advisory | ||
Summary | No auditing enabled for objects. | ||
Remarks | This finding shows the object accesses that are audited by enabled audit policies. |
AUDIT.PRIV | CIS | ||
Status | Evaluate | ||
Summary | Auditing enabled for 30 privileges. | ||
Details | Unified Audit (30): ADMINISTER KEY MANAGEMENT, ALTER ANY PROCEDURE, ALTER ANY SQL TRANSLATION PROFILE, ALTER ANY TABLE, ALTER DATABASE, ALTER SYSTEM, AUDIT SYSTEM, BECOME USER, CREATE ANY JOB, CREATE ANY LIBRARY, CREATE ANY PROCEDURE, CREATE ANY SQL TRANSLATION PROFILE, CREATE ANY TABLE, CREATE EXTERNAL JOB, CREATE PUBLIC SYNONYM, CREATE SQL TRANSLATION PROFILE, CREATE USER, DROP ANY PROCEDURE, DROP ANY SQL TRANSLATION PROFILE, DROP ANY TABLE, DROP PUBLIC SYNONYM, DROP USER, EXEMPT ACCESS POLICY, EXEMPT REDACTION POLICY, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE, LOGMINING, PURGE DBA_RECYCLEBIN, TRANSLATE ANY SQL | ||
Remarks | This finding shows the privileges that are audited by enabled audit policies. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 5.1.15, 5.1.16, 5.1.17 |
AUDIT.ADMIN | CIS | ||
Status | Pass | ||
Summary | Actions of the SYS user are audited. | ||
Details | Traditional Audit: AUDIT_SYS_OPERATIONS is set to TRUE. Unified Audit policies enabled for administrators: (none) | ||
Remarks | It is important to audit administrative actions performed by the SYS user. Traditional audit policies do not apply to SYS, so the AUDIT_SYS_OPERATIONS parameter must be set to record SYS actions to a separate audit trail. Beginning with Oracle 12c, the same Unified Audit policies can be applied to SYS that are used to monitor other users. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.1 |
AUDIT.PRIVMGMT | CIS | ||
Status | Pass | ||
Summary | Actions related to privilege management are sufficiently audited. | ||
Details | Traditional audit - auditing enabled: (none) Unified audit - auditing enabled: ALTER ROLE, CREATE ROLE, DROP ROLE, GRANT ANY OBJECT PRIVILEGE, GRANT ANY PRIVILEGE, GRANT ANY ROLE | ||
Remarks | Granting additional privileges to users or roles potentially affects most security protections and should be audited. Each action or privilege listed here should be included in at least one enabled audit policy. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 5.1.4, 5.1.5, 5.1.15, 5.1.16, 5.2.4 - 5.2.8 |
AUDIT.ACCTMGMT | CIS | ||
Status | Pass | ||
Summary | Actions related to account management are sufficiently audited. | ||
Details | Traditional audit - auditing enabled: (none) Unified audit - auditing enabled: ALTER PROFILE, ALTER USER, CREATE PROFILE, CREATE USER, DROP PROFILE, DROP USER | ||
Remarks | Creation of new user accounts or modification of existing accounts can be used to gain access to the privileges of those accounts and should be audited. Each action or privilege listed here should be included in at least one enabled audit policy. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 5.1.1, 5.1.2, 5.1.3, 5.1.6, 5.1.7, 5.1.8, 5.2.1, 5.2.2, 5.2.3, 5.2.9, 5.2.10, 5.2.11 |
AUDIT.DBMGMT | CIS | ||
Status | Medium Risk | ||
Summary | Actions related to database management are not sufficiently audited. | ||
Details | Auditing not enabled: ALTER PROCEDURE, ALTER PUBLIC DATABASE LINK, ALTER TRIGGER, AUDIT ANY, CREATE ANY DIRECTORY, CREATE LIBRARY, CREATE PROCEDURE, CREATE PUBLIC DATABASE LINK, CREATE SPFILE, CREATE TRIGGER, DROP ANY DIRECTORY, DROP PROCEDURE, DROP PUBLIC DATABASE LINK, DROP TRIGGER, SYSTEM AUDIT Traditional audit - auditing enabled: (none) Unified audit - auditing enabled: ADMINISTER KEY MANAGEMENT, ALTER DATABASE, ALTER DATABASE LINK, ALTER PLUGGABLE DATABASE, ALTER SYSTEM, CREATE ANY LIBRARY, CREATE DATABASE LINK, CREATE EXTERNAL JOB, CREATE PLUGGABLE DATABASE, CREATE PUBLIC SYNONYM, DROP ANY PROCEDURE, DROP DATABASE LINK, DROP PLUGGABLE DATABASE, DROP PUBLIC SYNONYM, EXECUTE ON SYS.DBMS_RLS | ||
Remarks | Actions that affect the management of database features should always be audited. Each action or privilege listed here should be included in at least one enabled audit policy. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 5.1.9, 5.1.10, 5.1.11, 5.1.17, 5.1.19 - 5.1.21, 5.2.12 - 5.2.14, 5.2.20 - 5.2.26 |
AUDIT.PRIVUSE | CIS | ||
Status | Medium Risk | ||
Summary | Usages of powerful system privileges are not sufficiently audited. | ||
Details | Auditing not enabled: CREATE ANY TRIGGER, SELECT ANY DICTIONARY Traditional audit - auditing enabled: (none) Unified audit - auditing enabled: ALTER ANY SQL TRANSLATION PROFILE, BECOME USER, CREATE ANY JOB, CREATE ANY PROCEDURE, CREATE ANY SQL TRANSLATION PROFILE, EXEMPT ACCESS POLICY, EXEMPT REDACTION POLICY, LOGMINING, TRANSLATE ANY SQL | ||
Remarks | Usage of powerful system privileges should always be audited. Each privilege listed here should be included in at least one enabled audit policy. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 5.1.14, 5.2.18 |
AUDIT.CONN | CIS | ||
Status | Medium Risk | ||
Summary | Database connections are not sufficiently audited. | ||
Details | Auditing not enabled: LOGOFF Traditional audit - auditing enabled: (none) Unified audit - auditing enabled: LOGON | ||
Remarks | Successful user connections to the database should be audited to assist with future forensic analysis. Unsuccessful connection attempts can provide early warning of an attacker's attempt to gain access to the database. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 5.1.22, 5.2.27 |
AUDIT.FGA | |||
Status | Advisory | ||
Summary | No fine grained audit policies found. | ||
Details | Users with EXECUTE on SYS.DBMS_FGA: GSMADMIN_INTERNAL, O12TEST, SYSTEM | ||
Remarks | Fine Grained Audit policies can record highly specific activity, such as access to particular table columns or access that occurs under specified conditions. This is a useful way to monitor unexpected data access while avoiding unnecessary audit records that correspond to normal activity. |
AUDIT.UNIFIED | |||
Status | Evaluate | ||
Summary | Found 7 unified audit policies. Found 49 objects or statements being audited. | ||
Details | Policy ORA_ACCOUNT_MGMT (Disabled): Audits 9 objects/statements Policy ORA_CIS_RECOMMENDATIONS (Disabled): Audits 26 objects/statements Policy ORA_DATABASE_PARAMETER (Disabled): Audits 3 objects/statements Policy ORA_LOGON_FAILURES (Enabled): Audits 1 objects/statements Policy ORA_RAS_POLICY_MGMT (Disabled): Audits 35 objects/statements Policy ORA_RAS_SESSION_MGMT (Disabled): Audits 14 objects/statements Policy ORA_SECURECONFIG (Enabled): Audits 48 objects/statements | ||
Remarks | Unified Audit, available in Oracle Database 12.1 and later releases, combines multiple audit trails into a single unified view. It also introduces new syntax for specifying effective audit policies. |
Name | Value |
---|---|
AUDIT_FILE_DEST | /u00/app/oracle/admin/TVDNCDB/adump |
AUDIT_SYSLOG_LEVEL | |
AUDIT_SYS_OPERATIONS | TRUE |
AUDIT_TRAIL | DB |
COMPATIBLE | 12.2.0 |
CURSOR_BIND_CAPTURE_DESTINATION | memory+disk |
DBFIPS_140 | FALSE |
DISPATCHERS | (PROTOCOL=TCP) (SERVICE=TVDNCDBXDB) |
ENCRYPT_NEW_TABLESPACES | CLOUD_ONLY |
GLOBAL_NAMES | FALSE |
LDAP_DIRECTORY_ACCESS | NONE |
LDAP_DIRECTORY_SYSAUTH | no |
O7_DICTIONARY_ACCESSIBILITY | FALSE |
OS_AUTHENT_PREFIX | ops$ |
OS_ROLES | FALSE |
PDB_LOCKDOWN | |
PDB_OS_CREDENTIAL | |
REMOTE_LISTENER | |
REMOTE_LOGIN_PASSWORDFILE | EXCLUSIVE |
REMOTE_OS_AUTHENT | FALSE |
REMOTE_OS_ROLES | FALSE |
RESOURCE_LIMIT | TRUE |
SEC_CASE_SENSITIVE_LOGON | TRUE |
SEC_MAX_FAILED_LOGIN_ATTEMPTS | 3 |
SEC_PROTOCOL_ERROR_FURTHER_ACTION | (DROP,3) |
SEC_PROTOCOL_ERROR_TRACE_ACTION | TRACE |
SEC_RETURN_SERVER_RELEASE_BANNER | FALSE |
SQL92_SECURITY | TRUE |
UNIFIED_AUDIT_SGA_QUEUE_SIZE | 1048576 |
UTL_FILE_DIR |
CONF.SYSOBJ | CIS | ||
Status | Pass | ||
Summary | Access to dictionary objects is properly limited. | ||
Details | O7_DICTIONARY_ACCESSIBILITY=FALSE | ||
Remarks | When O7_DICTIONARY_ACCESSIBILITY is set to FALSE, tables owned by SYS are not affected by the ANY TABLE system privileges. This parameter should always be set to FALSE because tables owned by SYS control the overall state of the database and should not be subject to manipulation by users with ANY TABLE privileges. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.5 |
CONF.INFER | CIS | ||
Status | Pass | ||
Summary | Data inference attacks are properly blocked. | ||
Details | SQL92_SECURITY=TRUE | ||
Remarks | When SQL92_SECURITY is set to TRUE, UPDATE and DELETE statements that refer to a column in their WHERE clauses will succeed only when the user has the privilege to SELECT from the same column. This parameter should be set to TRUE so that this requirement is enforced in order to prevent users from inferring the value of a column which they do not have the privilege to view. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.17 |
CONF.NETCOM | CIS | ||
Status | Pass | ||
Summary | Examined 4 initialization parameters. No issues found. | ||
Details | REMOTE_LISTENER='' SEC_PROTOCOL_ERROR_FURTHER_ACTION=(DROP,3) SEC_PROTOCOL_ERROR_TRACE_ACTION=TRACE SEC_RETURN_SERVER_RELEASE_BANNER=FALSE | ||
Remarks | REMOTE_LISTENER allows a network listener running on another system to be used. This parameter should normally be unset to ensure that the local listener is used. The SEC_PROTOCOL_ERROR parameters control the database server's response when it receives malformed network packets from a client. Because these malformed packets may indicate an attempted attack by a malicious client, the parameters should be set to log the incident and terminate the connection. SEC_RETURN_SERVER_RELEASE_BANNER should be set to FALSE to limit the information that is returned to an unauthenticated client, which could be used to help determine the server's vulnerability to a remote attack. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.7, 2.2.14, 2.2.15, 2.2.16 |
CONF.EXTAUTH | CIS | ||
Status | Pass | ||
Summary | Examined 3 initialization parameters. No issues found. | ||
Details | REMOTE_OS_AUTHENT=FALSE REMOTE_OS_ROLES=FALSE OS_ROLES=FALSE | ||
Remarks | The OS_ROLES parameter determines whether roles granted to users are controlled by GRANT statements in the database or by the database server's operating system. REMOTE_OS_AUTHENT and REMOTE_OS_ROLES allow the client operating system to set the database user and roles. All of these parameters should be set to FALSE so that the authorizations of database users are managed by the database itself. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.6, 2.2.9, 2.2.10 |
CONF.FILESYS | CIS | ||
Status | Pass | ||
Summary | Examined 1 initialization parameter. No issues found. | ||
Details | UTL_FILE_DIR='' | ||
Remarks | The UTL_FILE_DIR parameter controls which part of the server's file system can be accessed by PL/SQL code. Because the directories specified in the UTL_FILE_DIR parameter may be accessed by any database user, it should be set to specify one or more safe directories that do not contain restricted files such as the configuration or data files for the database. For maximum security, use directory objects which allow finer grained control of access, rather than relying on this parameter. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.11 |
CONF.TRACE | CIS | ||
Status | Pass | ||
Summary | Examined 0 initialization parameters. No issues found. | ||
Remarks | The hidden parameter _TRACE_FILES_PUBLIC determines whether trace files generated by the database should be accessible to all OS users. Since these files may contain sensitive information, access should be limited by setting this parameter to TRUE. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.18 |
CONF.TRIG | |||
Status | Low Risk | ||
Summary | No logon triggers found. Found 1 disabled trigger. | ||
Details | Disabled triggers: HR.SECURE_EMPLOYEES | ||
Remarks | A trigger is code that executes whenever a specific event occurs, such as inserting data in a table or connecting to the database. Disabled triggers are a potential cause for concern because whatever protection or monitoring they may be expected to provide is not active. |
CONF.CONST | |||
Status | Low Risk | ||
Summary | Found 4 disabled constraints. | ||
Details | Disabled constraints: STS_CHUNKS on GSMADMIN_INTERNAL.SHARD_TS, COSTS_CHANNEL_FK on SH.COSTS, COSTS_PROMO_FK on SH.COSTS, SUPP_DEMO_PK on SH.SUPPLEMENTARY_DEMOGRAPHICS | ||
Remarks | Constraints are used to enforce and guarantee specific relationships between data items stored in the database. Disabled constraints are a potential cause for concern because the conditions they ensure are not enforced. |
CONF.EXTPROC | CIS | ||
Status | Evaluate | ||
Summary | Found 5 external procedures. No external services found. | ||
Details | External procedures: ORDSYS.ORDIMLIBS, SYS.DBMSHADOOPLIB, SYS.DBMS_SUMADV_LIB, SYS.DM$RQEXTLIB, SYS.KUBSAGT_LIB | ||
Remarks | External procedures allow code written in other languages to be executed from PL/SQL. Note that modifications to external code cannot be controlled by the database. Be careful to ensure that only trusted code libraries are available to be executed. Although the database can spawn its own process to execute the external procedure, it is advisable to configure a listener service for this purpose so that the external code can run as a less-privileged OS user. The listener configuration should set EXTPROC_DLLS to identify the specific shared library code that can be executed rather than using the default value ANY. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.1.2 |
CONF.DIR | |||
Status | High Risk | ||
Summary | Found 17 directory objects. Found 1 directory object allowing access to restricted Oracle directory paths. Found 1 directory object with both write and execute access. | ||
Details | Directory Name: DATA_FILE_DIR Path = /u00/app/oracle/demos/common/db-sample-schemas-master/sales_history/ Users or roles with access: SH(READ) Directory Name: DATA_PUMP_DIR Path = /u00/app/oracle/admin/TVDNCDB/dpdump/ Users or roles with access: EXP_FULL_DATABASE(READ), EXP_FULL_DATABASE(WRITE), IMP_FULL_DATABASE(READ), IMP_FULL_DATABASE(WRITE), SCOTT(EXECUTE), SCOTT(READ), SCOTT(WRITE) Directory Name: LOG_FILE_DIR Path = //u00/app/oracle/demos/common/db-sample-schemas-master/log/ Users or roles with access: SH(READ), SH(WRITE) Directory Name: MEDIA_DIR Path = /u00/app/oracle/demos/common/db-sample-schemas-master/product_media/ Users or roles with access: PM(READ) Directory Name: OPATCH_INST_DIR Path = /u00/app/oracle/product/12.2.0.1/OPatch/ Directory Name: OPATCH_LOG_DIR Path = /u00/app/oracle/product/12.2.0.1/QOpatch/ Directory Name: OPATCH_SCRIPT_DIR Path = /u00/app/oracle/product/12.2.0.1/QOpatch/ Directory Name: ORACLE_BASE Path = /u00/app/oracle/ Directory Name: ORACLE_HOME Path = /u00/app/oracle/product/12.2.0.1/ Directory Name: ORACLE_OCM_CONFIG_DIR Path = /u00/app/oracle/product/12.2.0.1/ccr/state/ Users or roles with access: ORACLE_OCM(READ), ORACLE_OCM(WRITE) Directory Name: ORACLE_OCM_CONFIG_DIR2 Path = /u00/app/oracle/product/12.2.0.1/ccr/state/ Users or roles with access: ORACLE_OCM(READ), ORACLE_OCM(WRITE) Directory Name: ORA_DBMS_FCP_ADMINDIR Path = /u00/app/oracle/product/12.2.0.1/rdbms/admin/ Directory Name: ORA_DBMS_FCP_LOGDIR Path = /u00/app/oracle/product/12.2.0.1/cfgtoollogs/ Directory Name: SS_OE_XMLDIR Path = /u00/app/oracle/demos/common/db-sample-schemas-master/order_entry/ Users or roles with access: OE(READ), OE(WRITE) Directory Name: SUBDIR Path = /u00/app/oracle/demos/common/db-sample-schemas- master/order_entry//2002/Sep/ Users or roles with access: OE(READ), OE(WRITE) Directory Name: XMLDIR Path = /u00/app/oracle/product/12.2.0.1/rdbms/xml/ Directory Name: XSDDIR Path = /u00/app/oracle/product/12.2.0.1/rdbms/xml/schema/ $ORACLE_HOME: ORACLE_HOME Directories with both write and execute access: DATA_PUMP_DIR | ||
Remarks | Directory objects allow access to the server's file system from PL/SQL code within the database. Access to files that are used by the database kernel itself should not be permitted, as this may alter the operation of the database and bypass its access controls. |
CONF.LINKS | CIS | ||
Status | Evaluate | ||
Summary | Found 1 database link. | ||
Details | GLOBAL_NAMES=FALSE Users with CREATE DATABASE LINK privilege: BI, GGSYS, GSMADMIN_INTERNAL, HR, IX, O12TEST, OE, SH, SYSTEM Users with CREATE PUBLIC DATABASE LINK privilege: GSMADMIN_INTERNAL, O12TEST, SYSTEM Private links: SYS: SYS_HUB.TRIVADISTRAINING.COM | ||
Remarks | Database links allow users to execute SQL statements that access tables in other databases. This allows for both querying and storing data on the remote database. It is advisable to set GLOBAL_NAMES to TRUE in order to ensure that link names match the databases they access. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.2.3 |
CONF.NETACL | |||
Status | Evaluate | ||
Summary | Found 2 network ACLs. | ||
Details | NETWORK_ACL_4A5F6219EFE81A5FE0536538A8C0BF1D (Host: *, Ports: Min - Max) Principal: GGSYS, Action: deny, Privilege: resolve Principal: GSMADMIN_INTERNAL, Action: deny, Privilege: resolve Principal: EMAIL_SCHREIBEN, Action: deny, Privilege: smtp NETWORK_ACL_51ECA9E30D771C22E0536638A8C0C070 (Host: 10.1.12.250, Ports: 25 - 25) Principal: GGSYS, Action: deny, Privilege: resolve Principal: GSMADMIN_INTERNAL, Action: deny, Privilege: resolve Principal: EMAIL_SCHREIBEN, Action: deny, Privilege: smtp | ||
Remarks | Network ACLs control the external servers that database users can access using network packages such as UTL_TCP and UTL_HTTP. Specifically, a database user needs the connect privilege to an external network host computer if he or she is connecting using the UTL_TCP, UTL_HTTP, UTL_SMTP, and UTL_MAIL utility packages. To convert between a host name and its IP address using the UTL_INADDR package, the resolve privilege is required. Make sure that these permissions are limited to the minimum required by each user. |
CONF.XMLACL | |||
Status | Evaluate | ||
Summary | Found 9 XML Database ACLs. | ||
Details | Namespace: {http://xmlns.oracle.com/xdb/acl.xsd} Description: Protected:Readable by PUBLIC and all privileges to OWNER Principal: dav:owner, Action: grant, Privileges: all Principal: XDBADMIN, Action: grant, Privileges: all Principal: PUBLIC, Action: grant, Privileges: read-properties, read- contents, read-acl, resolve Namespace: {http://xmlns.oracle.com/xdb/acl.xsd} Description: Public:All privileges to PUBLIC Principal: PUBLIC, Action: grant, Privileges: all Namespace: {http://xmlns.oracle.com/xdb/acl.xsd} Description: Private:All privileges to OWNER only and not accessible to others Principal: dav:owner, Action: grant, Privileges: all Namespace: {http://xmlns.oracle.com/xdb/acl.xsd} Description: Read-Only:Readable by all and writeable by none Principal: PUBLIC, Action: grant, Privileges: read-properties, read- contents, read-acl, resolve Namespace: {http://xmlns.oracle.com/xdb/acl.xsd} Description: Protected:Readable by PUBLIC and all privileges to OWNER Principal: dav:owner, Action: grant, Privileges: all Principal: XDBADMIN, Action: grant, Privileges: all Principal: PUBLIC, Action: grant, Privileges: read-properties, read- contents, read-acl, resolve Principal: OLAP_XS_ADMIN, Action: grant, Privileges: all Namespace: {http://xmlns.oracle.com/xdb/acl.xsd} Description: Protected:Readable by PUBLIC and all privileges to OWNER Principal: dav:owner, Action: grant, Privileges: all Principal: XDBADMIN, Action: grant, Privileges: all Principal: PUBLIC, Action: grant, Privileges: read-properties, read- contents, read-acl, resolve Principal: OLAP_XS_ADMIN, Action: grant, Privileges: all Namespace: {http://xmlns.oracle.com/xdb/acl.xsd} Description: Protected:Readable by PUBLIC and all privileges to OWNER Principal: dav:owner, Action: grant, Privileges: all Principal: XDBADMIN, Action: grant, Privileges: all Principal: PUBLIC, Action: grant, Privileges: read-properties, read- contents, read-acl, resolve Principal: OLAP_XS_ADMIN, Action: grant, Privileges: all Namespace: {http://xmlns.oracle.com/xdb/acl.xsd} Description: Protected:Readable by PUBLIC and all privileges to OWNER Principal: dav:owner, Action: grant, Privileges: all Principal: XDBADMIN, Action: grant, Privileges: all Principal: PUBLIC, Action: grant, Privileges: read-properties, read- contents, read-acl, resolve Principal: OLAP_XS_ADMIN, Action: grant, Privileges: all Namespace: {http://xmlns.oracle.com/xdb/acl.xsd} Description: Protected:Readable by PUBLIC and all privileges to OWNER Principal: dav:owner, Action: grant, Privileges: all Principal: XDBADMIN, Action: grant, Privileges: all Principal: PUBLIC, Action: grant, Privileges: read-properties, read- contents, read-acl, resolve Principal: OLAP_XS_ADMIN, Action: grant, Privileges: all | ||
Remarks | XML ACLs control access to database resources using the XML DB feature. Every resource in the Oracle XML DB Repository hierarchy has an associated ACL. The ACL mechanism specifies a privilege-based access control for resources to principals, which are database users or roles. Whenever a resource is accessed, a security check is performed, and the ACL determines if the requesting user has sufficient privileges to access the resource. Make sure that these privileges are limited to the minimum required by each user. |
NET.CRYPT | |||
Status | Medium Risk | ||
Summary | Native encryption is accepted but not required. Integrity check using checksums is accepted but not required. | ||
Details | SQLNET.ENCRYPTION_SERVER is not set (default value = ACCEPTED). SQLNET.CRYPTO_CHECKSUM_SERVER is not set (default value = ACCEPTED). Examined 1 listener. LISTENER: IPC (1), TCP (1), TCPS (0) SSL_CERT_REVOCATION is not set (default value = NONE). | ||
Remarks | Network encryption protects the confidentiality and integrity of communication between the database server and its clients. Either Native Encryption or TLS should be enabled. For Native Encryption, both ENCRYPTION_SERVER and CRYPTO_CHECKSUM_SERVER should be set to REQUIRED. If TLS is used, TCPS should be specified for all network ports and SSL_CERT_REVOCATION should be set to REQUIRED. |
NET.CLIENTS | |||
Status | Medium Risk | ||
Summary | Valid node check is not enabled. Neither TCP.INVITED_NODES nor TCP.EXCLUDED_NODES is set. | ||
Details | TCP.VALIDNODE_CHECKING is not set (default value = NO). Recommended value is YES. TCP.INVITED_NODES is not set. TCP.EXCLUDED_NODES is not set. | ||
Remarks | TCP.VALIDNODE_CHECKING should be enabled to control which client nodes can connect to the database server. Either a whitelist of client nodes allowed to connect (TCP.INVITED_NODES) or a blacklist of nodes that are not allowed (TCP.EXCLUDED_NODES) may be specified. Configuring both lists is an error; only the invited node list will be used in this case. |
NET.BANNER | |||
Status | Low Risk | ||
Summary | Connect banners are not fully configured. | ||
Details | SEC_USER_AUDIT_ACTION_BANNER is not set. Should be set to a proper value. SEC_USER_UNAUTHORIZED_ACCESS_BANNER is not set. Should be set to a proper value. | ||
Remarks | These banner messages are used to warn connecting users that unauthorized access is not permitted and that their activities may be audited. |
NET.COST | CIS | ||
Status | Medium Risk | ||
Summary | Examined 1 listener. Found 1 listener not configured properly. | ||
Details | Listeners not configured properly: LISTENER Parameter setting for LISTENER: ADMIN_RESTRICTIONS_LISTENER=ON. DYNAMIC_REGISTRATION_LISTENER is not set (default value = ON). Recommended value is OFF. VALID_NODE_CHECKING_REGISTRATION_LISTENER is not set (default value = OFF). Should not be set to OFF. SECURE_PROTOCOL_LISTENER is not set. SECURE_CONTROL_LISTENER is not set. SECURE_REGISTER_LISTENER is not set. | ||
Remarks | These parameters are used to limit changes to the network listener configuration. ADMIN_RESTRICTIONS should be enabled to prevent parameter changes to the running listener. One of the following restrictions on service registration should be implemented: (a) prevent changes by disabling DYNAMIC_REGISTRATION, (b) limit the nodes that can make changes by enabling VALID_NODE_CHECKING_REGISTRATION, or (c) limit the network sources for changes using the COST parameters SECURE_PROTOCOL, SECURE_CONTROL, and SECURE_REGISTER. | ||
References | CIS Oracle Database 12c Benchmark v2.0.0: Recommendation 2.1.1, 2.1.3, 2.1.4 |
NET.LISTENLOG | |||
Status | Pass | ||
Summary | Examined 1 listener. Found 0 listeners not configured properly. | ||
Details | Listeners configured properly: LISTENER Parameter setting for LISTENER: LOGGING_LISTENER=ON. | ||
Remarks | This parameter enables logging of listener activity. Log information can be useful for troubleshooting and to provide early warning of attempted attacks. |
OS.AUTH | |||
Status | Evaluate | ||
Summary | 1 OS user can connect to the database via OS authentication. | ||
Details | SYSDBA [dba group]: oracle SYSOPER [oper group]: oracle SYSBACKUP [backupdba group]: oracle SYSKM [kmdba group]: oracle SYSDG [dgdba group]: oracle SYSRAC [racdba group]: oracle | ||
Remarks | OS authentication allows operating system users within the specified user group to connect to the database with administrative privileges. This shows the OS group names and users that can exercise each administrative privilege. |
OS.PMON | |||
Status | Pass | ||
Summary | Found 1 PMON process. The owner of the PMON process matches the ORACLE_HOME owner. | ||
Details | PMON process: ora_pmon_TVDNCDB, Owner: oracle ORACLE_HOME owner: oracle | ||
Remarks | The PMON process monitors user processes and frees resources when they terminate. This process should run with the user ID of the ORACLE_HOME owner. |
OS.AGENT | |||
Status | Pass | ||
Summary | No Agent processes found. Agent process owners do not overlap with Listener or PMON process owners. | ||
Remarks | Agent processes are used by Oracle Enterprise Manager to monitor and manage the database. These processes should run with a user ID separate from the database and listener processes. |
OS.LISTEN | |||
Status | Low Risk | ||
Summary | Found 1 Listener process. Some Listener process owners overlap with Agent or PMON process owners. | ||
Details | Owner: oracle Command: /u00/app/oracle/product/12.2.0.1/bin/tnslsnr LISTENER -inherit | ||
Remarks | Listener processes accept incoming network connections and connect them to the appropriate database server process. These processes should run with a user ID separate from the database and agent processes. |
OS.FILES | |||
Status | Medium Risk | ||
Summary | Examined 291 files. Found 1 error. | ||
Details | ORACLE_HOME: /u00/app/oracle/product/12.2.0.1 ORACLE_HOME owner: oracle Directories: 2 (0 permission errors) Executables in $ORACLE_HOME/bin: 265 (0 permission errors) Configuration files in $TNS_ADMIN: 2 (0 permission errors) Data files in $ORACLE_HOME/dbs: 22 (1 permission errors) Files with permission errors: dbs/init.ora (rw-r--r-- should be rw-r-----) | ||
Remarks | The ORACLE_HOME directory and its subdirectories contain files that are critical to the correct operation of the database, including executable programs, data files, and configuration files. Operating system file permissions must not allow these files to be modified by users other than the ORACLE_HOME owner and must not allow other users to directly read the contents of Oracle data files. |
This report provides information and recommendations that may be helpful in securing your Oracle database system. These recommendations reflect best practices for database security and should be part of any strategy for Data Protection by Design and by Default. These practices may help in addressing Articles 25 and 32 of the EU General Data Protection Regulation as well as other data privacy regulations. Technical controls alone are not sufficient for compliance. Passing all findings does not guarantee compliance.
The report provides a view on the current status. The results shown are provided for informational purposes only and should not be used as a substitute for a thorough analysis or interpreted to contain any legal or regulatory advice or guidance.
You are solely responsible for your system, and the data and information gathered during the production of this report. You are also solely responsible for the execution of software to produce this report, and for the effect and results of the execution of any mitigating actions identified herein.
Oracle provides this analysis on an "as is" basis without warranty of any kind and Oracle hereby disclaims all warranties and conditions whether express, implied or statutory.