19 Pluggable Database Compliance Standards

These are the compliance rules for the Pluggable Database compliance standards.

19.1 Basic Security Configuration For Oracle Pluggable Database

The compliance rules for the Basic Security Configuration For Oracle Pluggable Database standard follow.

19.1.1 Access To Dba_Roles View

Description: Ensures restricted access to DBA_ROLES view

Severity: Minor Warning

Rationale: DBA_ROLES view contains details of all roles in the database. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.

19.1.2 Access To Dba_Role_Privs View

Description: Ensures restricted access to DBA_ROLE_PRIVS view

Severity: Minor Warning

Rationale: The DBA_ROLE_PRIVS view lists the roles granted to users and other roles. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.

19.1.3 Access To Dba_Sys_Privs View

Description: Ensures restricted access to DBA_SYS_PRIVS view

Severity: Minor Warning

Rationale: DBA_SYS_PRIVS view can be queried to find system privileges granted to roles and users. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.

19.1.4 Access To Dba_Tab_Privs View

Description: Ensures restricted access to DBA_TAB_PRIVS view

Severity: Minor Warning

Rationale: Lists privileges granted to users or roles on objects in the database. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.

19.1.5 Access To Dba_Users View

Description: Ensures restricted access to DBA_USERS view

Severity: Minor Warning

Rationale: Contains user password hashes and other account information. Access to this information can be used to mount brute-force attacks.

19.1.6 Access To Stats$Sqltext Table

Description: Ensures restricted access to STATS$SQLTEXT table

Severity: Minor Warning

Rationale: This table provides full text of the recently-executed SQL statements. The SQL statements can reveal sensitive information.

19.1.7 Access To Stats$Sql_Summary Table

Description: Ensures restricted access to STATS$SQL_SUMMARY table

Severity: Minor Warning

Rationale: Contains the first few lines of SQL text of the most resource-intensive commands given to the server. SQL statements executed without bind variables can show up here, exposing privileged information.

19.1.8 Access To Sys.Aud$ Table

Description: Ensures restricted access to SYS.AUD$ table

Severity: Minor Warning

Rationale: A knowledgeable and malicious user can gain access to sensitive audit information.

19.1.9 Access To Sys.Source$ Table

Description: Ensures restricted access to SYS.SOURCE$ table

Severity: Minor Warning

Rationale: Contains the source of all stored package units in the database.

19.1.10 Access To Sys.User$ Table

Description: Ensures restricted access to SYS.USER$ table

Severity: Minor Warning

Rationale: Username and password hash may be read from the SYS.USER$ table, enabling a hacker to launch a brute-force attack.

19.1.11 Access To Sys.User_History$ Table

Description: Ensures restricted access to SYS.USER_HISTORY$ table

Severity: Minor Warning

Rationale: Username and password hash may be read from the SYS.USER_HISTORY$ table, enabling a hacker to launch a brute-force attack.

19.1.12 Default Passwords

Description: Ensure there are no default passwords for known accounts

Severity: Warning

Rationale: A malicious user can gain access to the database using default passwords.

19.1.13 Execute Privileges On Dbms_Job To Public

Description: Ensures PUBLIC is not granted EXECUTE privileges on DBMS_JOB package

Severity: Critical

Rationale: Granting EXECUTE privilege to PUBLIC on DBMS_JOB package allows users to schedule jobs on the database.

19.1.14 Execute Privileges On Dbms_Sys_Sql To Public

Description: Ensures PUBLIC is not granted EXECUTE privileges on DBMS_SYS_SQL package

Severity: Critical

Rationale: The DBMS_SYS_SQL package can be used to run PL/SQL and SQL as the owner of the procedure rather than the caller.

19.1.15 Password Complexity Verification Function Usage

Description: Ensures PASSWORD_VERIFY_FUNCTION resource for the profile is set

Severity: Critical

Rationale: Passwords that do not meet minimum complexity requirements offer substantially less protection than complex passwords.

19.1.16 Password Grace Time

Description: Ensures that all profiles have PASSWORD_GRACE_TIME set to a reasonable number of days

Severity: Critical

Rationale: A high value for the PASSWORD_GRACE_TIME parameter may cause serious database security issues by allowing the user to keep the same password for a long time.

19.1.17 Password Lifetime

Description: Ensures that all profiles have PASSWORD_LIFE_TIME set to a reasonable number of days

Severity: Warning

Rationale: A long password lifetime gives hackers a long time to try to crack the password. This may cause serious database security issues.

19.1.18 Password Locking Time

Description: Ensures PASSWORD_LOCK_TIME is set to a reasonable number of days for all profiles

Severity: Warning

Rationale: Having a low value increases the likelihood of Denial of Service attacks.

19.1.19 Restricted Privilege To Execute Utl_Http

Description: Ensure PUBLIC does not have execute privileges on the UTL_HTTP package

Severity: Critical

Rationale: Privileges granted to the PUBLIC role automatically apply to all users. A malicious user can gain access to email, network and http modules using the EXECUTE privilege.

19.1.20 Restricted Privilege To Execute Utl_Smtp

Description: Ensure PUBLIC does not have execute privileges on the UTL_SMTP package

Severity: Critical

Rationale: Privileges granted to the PUBLIC role automatically apply to all users. A malicious user can gain access to email, network and http modules using the EXECUTE privilege.

19.1.21 Restricted Privilege To Execute Utl_Tcp

Description: Ensure PUBLIC does not have execute privileges on the UTL_TCP package

Severity: Critical

Rationale: Privileges granted to the PUBLIC role automatically apply to all users. A malicious user can gain access to email, network and http modules using the EXECUTE privilege.

19.1.22 Well Known Accounts

Description: Checks for accessibility of well-known accounts

Severity: Warning

Rationale: A knowledgeable malicious user can gain access to the database using a well-known account.

19.2 Configuration Best Practices For Oracle Database

The compliance rules for the Configuration Best Practices For Oracle Database standard follow.

19.2.1 Disabled Automatic Statistics Collection

Description: Checks if the STATISTICS_LEVEL initialization parameter is set to BASIC

Severity: Critical

Rationale: Automatic statistics collection allows the optimizer to generate accurate execution plans and is essential for identifying and correcting performance problems. By default, STATISTICS_LEVEL is set to TYPICAL. If the STATISTICS_LEVEL initialization parameter is set to BASIC, the collection of many important statistics required by Oracle database features and functionality is disabled.

19.2.2 Not Using Automatic Pga Management

Description: Checks if the PGA_AGGREGATE_TARGET initialization parameter has a value of 0 or if WORKAREA_SIZE_POLICY has value of MANUAL.

Severity: Warning

Rationale: Automatic PGA memory management simplifies and improves the way PGA memory is allocated. When enabled, Oracle can dynamically adjust the portion of the PGA memory dedicated to work areas while honoring the PGA_AGGREGATE_TARGET limit set by the DBA.

19.2.3 Statistics_Level Parameter Set To All

Description: Checks if the STATISTICS_LEVEL initialization parameter is set to ALL

Severity: Minor Warning

Rationale: Automatic statistics collection allows the optimizer to generate accurate execution plans and is essential for identifying and correcting performance problems. The STATISTICS_LEVEL initialization parameter is currently set to ALL, meaning additional timed OS and plan execution statistics are being collected. These statistics are not necessary and create additional overhead on the system.

19.2.4 Timed_Statistics Set To False

Description: Checks if the TIMED_STATISTICS initialization parameter is set to FALSE.

Severity: Critical

Rationale: Setting TIMED_STATISTICS to FALSE prevents time-related statistics, e.g. execution time for various internal operations, from being collected. These statistics are useful for diagnostics and performance tuning. Setting TIMED_STATISTICS to TRUE will allow time-related statistics to be collected, and will also provide more value to the trace file and generate more accurate statistics for long-running operations.

19.2.5 Use Of Non-Standard Initialization Parameters

Description: Checks for use of non-standard initialization parameters

Severity: Minor Warning

Rationale: Non-standard initialization parameters are being used. These may have been implemented based on poor advice or incorrect assumptions. In particular, parameters associated with SPIN_COUNT on latches and undocumented optimizer features can cause a great deal of problems that can require considerable investigation.

19.3 High Security Configuration For Oracle Pluggable Database

The compliance rules for the High Security Configuration For Oracle Pluggable Database standard follow.

19.3.1 Access To *_Catalog_* Roles

Description: Ensure grant of %_CATALOG_% is restricted

Severity: Critical

Rationale: %_CATALOG_% roles have critical access to database objects, which can lead to exposure of vital information in the database system.

19.3.2 Access To All_Source View

Description: Ensures restricted access to ALL_SOURCE view

Severity: Minor Warning

Rationale: ALL_SOURCE view contains source of all stored packages in the database.

19.3.3 Access To Dba_* Views

Description: Ensures SELECT privilege is never granted to any DBA_ view

Severity: Warning

Rationale: The DBA_* views provide access to privileges and policy settings of the database. Some of these views also allow viewing of sensitive PL/SQL code that can be used to understand the security policies.

19.3.4 Access To Role_Role_Privs View

Description: Ensures restricted access to ROLE_ROLE_PRIVS view

Severity: Minor Warning

Rationale: Lists roles granted to other roles. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.

19.3.5 Access To Sys.Link$ Table

Description: Ensures restricted access to LINK$ table

Severity: Minor Warning

Rationale: A knowledgeable and malicious user can gain access to user passwords from the SYS.LINK$ table.

19.3.6 Access To User_Role_Privs View

Description: Ensures restricted access to USER_ROLE_PRIVS view

Severity: Minor Warning

Rationale: Lists the roles granted to the current user. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.

19.3.7 Access To User_Tab_Privs View

Description: Ensures restricted access to USER_TAB_PRIVS view

Severity: Minor Warning

Rationale: Lists the grants on objects for which the user is the owner, grantor or grantee. Knowledge of the grants in the database can be taken advantage of by a malicious user.

19.3.8 Access To V$ Views

Description: Ensures SELECT privilege is not granted to any V$ Views

Severity: Critical

Rationale: V$ tables contain sensitive information about the Oracle database and should only be accessible by system administrators. Check for any user that has access and revoke where possible.

19.3.9 Access To X_$ Views

Description: Ensure access on X$ views is restricted

Severity: Critical

Rationale: This can lead to revealing of internal database structure information.

19.3.10 Audit Alter Any Table Privilege

Description: Ensures ALTER ANY TABLE Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing ALTER ANY TABLE will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.11 Audit Alter User Privilege

Description: Ensures ALTER USER Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing ALTER USER will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.12 Audit Create Any Library Privilege

Description: Ensures CREATE ANY LIBRARY is being audited by access for all users

Severity: Critical

Rationale: Auditing CREATE ANY LIBRARY will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.13 Audit Create Library Privilege

Description: Ensures CREATE LIBRARY Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing CREATE LIBRARY will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.14 Audit Create Role Privilege

Description: Ensures CREATE ROLE Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing the creation of roles will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.15 Audit Create Session Privilege

Description: Ensures CREATE SESSION Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing CREATE SESSION will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.16 Audit Create User Privilege

Description: Ensures CREATE USER Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing CREATE USER will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.17 Audit Drop Any Procedure Privilege

Description: Ensures DROP ANY PROCEDURE Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing DROP ANY PROCEDURE will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.18 Audit Drop Any Role Privilege

Description: Ensures DROP ANY ROLE Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing the creation of roles will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.19 Audit Drop Any Table Privilege

Description: Ensures DROP ANY TABLE Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing DROP ANY TABLE will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.20 Audit Execute Any Procedure Privilege

Description: Ensures EXECUTE ANY PROCEDURE Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing the creation of roles will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.21 Audit Grant Any Object Privilege

Description: Ensures SELECT ANY DICTIONARY Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing SELECT ANY DICTIONARY will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.22 Audit Grant Any Privilege

Description: Ensures GRANT ANY PRIVILEGE is being audited by access for all users

Severity: Critical

Rationale: Auditing GRANT ANY PRIVILEGE will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.23 Audit Insert Failure

Description: Ensures that insert failures are audited for critical data objects

Severity: Warning

Rationale: Not auditing insert failures for critical data objects may allow a malicious user to infiltrate system security.

19.3.24 Audit Select Any Dictionary Privilege

Description: Ensures SELECT ANY DICTIONARY Privilege is being audited by access for all users

Severity: Critical

Rationale: Auditing SELECT ANY DICTIONARY will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events

19.3.25 Connect Time

Description: Ensure that the CONNECT_TIME user profile setting has an appropriate value set for the particular database and application

Severity: Critical

Rationale: Sessions held open for excessive periods of time can consume system resources and cause a denial of service for other users of the Oracle database. The CONNECT_TIME parameter sets the upper bound on how long a session can be held open. This parameter is specified in minutes. Sessions that have exceeded their connect time are aborted and rolled back.

19.3.26 Cpu Per Session

Description: Ensures that all profiles have CPU_PER_SESSION set to a reasonable number of CPU cycles

Severity: Critical

Rationale: Allowing a single application or user to consume excessive CPU resources will result in a denial of service to the Oracle database

19.3.27 Execute Privileges On Dbms_Lob To Public

Description: Ensures PUBLIC group is not granted EXECUTE privileges to the DBMS_LOB package

Severity: Critical

Rationale: The DBMS_LOB package can be used to access any file on the system as the owner of the Oracle software installation.

19.3.28 Execute Privileges On Utl_File To Public

Description: Ensure PUBLIC does not have EXECUTE privilege on the UTL_FILE package

Severity: Critical

Rationale: Privileges granted to the PUBLIC role automatically apply to all users. A malicious user can read and write arbitrary files in the system when granted the UTL_FILE privilege.

19.3.29 Execute Privilege On Sys.Dbms_Export_Extension To Public

Description: Ensure PUBLIC does not have execute privileges on the SYS.DBMS_EXPORT_EXTENSION package

Severity: Critical

Rationale: Privileges granted to the PUBLIC role automatically apply to all users. DBMS_EXPORT_EXTENSION can allow SQL injection. Thus a malicious user will be able to take advantage.

19.3.30 Execute Privilege On Sys.Dbms_Random Public

Description: Ensure PUBLIC does not have execute privileges on the SYS.DBMS_RANDOM package

Severity: Critical

Rationale: Privileges granted to the PUBLIC role automatically apply to all users. DBMS_RANDOM can allow SQL injection. Thus a malicious user will be able to take advantage.
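
The PUBLIC EXECUTE rules above (19.1.13, 19.1.14, 19.1.19 to 19.1.21 and 19.3.27 to 19.3.30) can be checked by hand with the queries below. This is an added example, not the rule implementation shipped with the standard; it assumes the packages are owned by SYS and that it is run inside the pluggable database by a user who can read DBA_TAB_PRIVS, DBA_DEPENDENCIES and DBA_USERS.

```sql
-- Added example: manual check for the PUBLIC EXECUTE rules on this page.

-- 1) Which of the packages named in the rules are executable by PUBLIC?
SELECT p.owner,
       p.table_name AS package_name,
       p.grantor,
       p.grantable
FROM   dba_tab_privs p
WHERE  p.grantee    = 'PUBLIC'
AND    p.privilege  = 'EXECUTE'
AND    p.owner      = 'SYS'
AND    p.table_name IN ('DBMS_JOB', 'DBMS_SYS_SQL',
                        'UTL_HTTP', 'UTL_SMTP', 'UTL_TCP',
                        'DBMS_LOB', 'UTL_FILE',
                        'DBMS_EXPORT_EXTENSION', 'DBMS_RANDOM')
ORDER  BY p.table_name;

-- 2) Before revoking from PUBLIC: which application objects reference
--    those packages while their owner holds no direct EXECUTE grant?
--    These objects currently compile only because of the PUBLIC grant
--    and become invalid after the revoke unless the owning schema is
--    granted EXECUTE directly (role grants do not count inside
--    definer's-rights stored PL/SQL).
SELECT d.owner,
       d.name,
       d.type,
       d.referenced_name AS package_name
FROM   dba_dependencies d
JOIN   dba_users u
       ON u.username = d.owner
WHERE  d.referenced_owner  = 'SYS'
AND    d.referenced_type   = 'PACKAGE'
AND    d.referenced_name IN ('DBMS_JOB', 'DBMS_SYS_SQL',
                             'UTL_HTTP', 'UTL_SMTP', 'UTL_TCP',
                             'DBMS_LOB', 'UTL_FILE',
                             'DBMS_EXPORT_EXTENSION', 'DBMS_RANDOM')
AND    u.oracle_maintained = 'N'   -- skip Oracle-supplied schemas
AND    NOT EXISTS (SELECT 1
                   FROM   dba_tab_privs g
                   WHERE  g.grantee    = d.owner
                   AND    g.owner      = 'SYS'
                   AND    g.table_name = d.referenced_name
                   AND    g.privilege  = 'EXECUTE')
ORDER  BY d.referenced_name, d.owner, d.name;
```

An empty result from the first query means the rules pass; rows from the second query identify schemas that need a direct grant before the PUBLIC grant is removed.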

19.3.31 Granting Select Any Table Privilege

Description: Ensures SELECT ANY PRIVILEGE is never granted to any user or role

Severity: Warning

Rationale: The SELECT ANY TABLE privilege can be used to grant users or roles with the ability to view data in tables that are not owned by them. A malicious user with access to any user account that has this privilege can use this to gain access to sensitive data.

19.3.32 Logical Reads Per Session

Description: Ensure that the LOGICAL_READS_PER_SESSION user profile setting has an appropriate value set for the particular database and application

Severity: Critical

Rationale: Allowing a single application or user to perform excessive amounts of reads to disk will result in a denial of service to the Oracle database

19.3.33 Limit Os Authentication

Description: Ensures database accounts do not rely on OS authentication

Severity: Critical

Rationale: If the host operating system has the userid required for a database account whose password is set to EXTERNAL, then Oracle does not check its credentials anymore. It simply assumes the host must have done its authentication and lets the user into the database without any further checking.

19.3.34 Private Sga

Description: Ensure that users' PRIVATE_SGA profile settings have appropriate values set for the particular database and application

Severity: Critical

Rationale: Allowing a single application or user to consume excessive amounts of the System Global Area will result in a denial of service to the Oracle database.

19.3.35 Password Reuse Max

Description: Ensures that all profiles have PASSWORD_REUSE_MAX set to a reasonable number of times

Severity: Warning

Rationale: Old passwords are usually the best guesses for the current password. A low value for the PASSWORD_REUSE_MAX parameter may cause serious database security issues by allowing users to reuse their old passwords more often.

19.3.36 Password Reuse Time

Description: Ensures that all profiles have PASSWORD_REUSE_TIME set to a reasonable number of days

Severity: Critical

Rationale: A low value for the PASSWORD_REUSE_TIME parameter may cause serious database security issues by allowing users to reuse their old passwords more often.

19.3.37 Proxy Account

Description: Ensures that the proxy accounts have limited privileges

Severity: Warning

Rationale: The proxy user only needs to connect to the database. Once connected it will use the privileges of the user it is connecting on behalf of. Granting any other privilege than the CREATE SESSION privilege to the proxy user is unnecessary and open to misuse.

19.3.38 Sessions_Per_User

Description: Ensures that all profiles have SESSIONS_PER_USER set to a reasonable number

Severity: Critical

Rationale: Allowing an unlimited number of sessions per user can consume Oracle resources and cause a denial of service. Limit the number of sessions for each individual user.

19.3.39 System Privileges To Public

Description: Ensure system privileges are not granted to PUBLIC

Severity: Critical

Rationale: Privileges granted to the public role automatically apply to all users. There are security risks granting SYSTEM privileges to all users.

19.3.40 Unlimited Tablespace Quota

Description: Ensures database users are allocated a limited tablespace quota

Severity: Warning

Rationale: Granting unlimited tablespace quotas can cause the filling up of the allocated disk space. This can lead to an unresponsive database.

19.4 Storage Best Practices For Oracle Database

The compliance rules for the Storage Best Practices For Oracle Database standard follow.

19.4.1 Dictionary Managed Tablespaces

Description: Checks for dictionary managed tablespaces

Severity: Minor Warning

Rationale: These tablespaces are dictionary managed. Oracle recommends using locally managed tablespaces, with AUTO segment-space management, to enhance performance and ease of space management.

19.4.2 Non-System Data Segments In System Tablespaces

Description: Checks for data segments owned by non-system users located in tablespaces SYSTEM, SYSAUX and SYSEXT.

Severity: Minor Warning

Rationale: These segments belonging to non-system users are stored in system tablespaces SYSTEM or SYSAUX or SYSEXT. This violation makes it more difficult to manage these data segments and may result in performance degradation in the system tablespace. This is also a security issue. If non-system users are storing data in a system tablespace it is possible that all available space in the system tablespace may be consumed, thus causing the database to stop working.

19.4.3 Non-System Users With System Tablespace As Default Tablespace

Description: Checks for non-system users using SYSTEM or SYSAUX as the default tablespace

Severity: Minor Warning

Rationale: These non-system users use a system tablespace as the default tablespace. This violation will result in non-system data segments being added to the system tablespace, making it more difficult to manage these data segments and possibly resulting in performance degradation in the system tablespace. This is also a security issue. All available space in the system tablespace may be consumed, thus causing the database to stop working.

19.4.4 Non-Uniform Default Extent Size For Tablespaces

Description: Checks for dictionary managed or migrated locally managed tablespaces with non-uniform default extent size

Severity: Minor Warning

Rationale: Dictionary managed or migrated locally managed tablespaces using non-uniform default extent sizes have been found. This means that the extents in a single tablespace will vary in size, leading to fragmentation, inefficient space usage and performance degradation.

19.4.5 Tablespace Not Using Automatic Segment-Space Management

Description: Checks for locally managed tablespaces that are using MANUAL segment space management

Severity: Minor Warning

Rationale: Automatic segment-space management is a simpler and more efficient way of managing space within a segment. It completely eliminates any need to specify and tune the PCTUSED, FREELISTS and FREELIST GROUPS storage parameters for schema objects created in the tablespace. In a RAC environment there is the additional benefit of avoiding the hard partitioning of space inherent with using free list groups.

19.4.6 Users With Permanent Tablespace As Temporary Tablespace

Description: Checks for users using a permanent tablespace as the temporary tablespace

Severity: Minor Warning

Rationale: These users use a permanent tablespace as the temporary tablespace. Using temporary tablespaces allows space management for sort operations to be more efficient. Using a permanent tablespace for these operations may result in performance degradation, especially for Real Application Clusters. There is an additional security concern. This makes it possible for users to use all available space in the system tablespace, causing the database to stop working.