Broken Authentication

Access control weaknesses can lead to unauthorized data access either by attackers or by users obtaining access to data they are not authorized to view.

To counter attacker access, use strong passwords. Create a policy for password length and complexity. See "Choosing A Secure Password": https://www.oracle.com/technetwork/database/security/secure-passwords-082531.html

Each Oracle DMW API user should have a private user account to access the Oracle DMW database. The database account is associated with and has the same object-level security as the Oracle DMW user account. Database users should not share credentials. Sharing credentials can provide a user with privileges beyond their Oracle DMW application user account and provide access to data that the user isn’t authorized to view.