16 Pluggable Database Compliance Standards
Basic Security Configuration For Oracle Pluggable Database
The compliance rules for the Basic Security Configuration For Oracle Pluggable Database standard follow.
Access To Dba_Roles View
Description: Ensures restricted access to DBA_ROLES view
Severity: Minor Warning
Rationale: DBA_ROLES view contains details of all roles in the database. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.
Access To Dba_Role_Privs View
Description: Ensures restricted access to DBA_ROLE_PRIVS view
Severity: Minor Warning
Rationale: The DBA_ROLE_PRIVS view lists the roles granted to users and other roles. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.
Access To Dba_Sys_Privs View
Description: Ensures restricted access to DBA_SYS_PRIVS view
Severity: Minor Warning
Rationale: DBA_SYS_PRIVS view can be queried to find system privileges granted to roles and users. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.
Access To Dba_Tab_Privs View
Description: Ensures restricted access to DBA_TAB_PRIVS view
Severity: Minor Warning
Rationale: Lists privileges granted to users or roles on objects in the database. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.
Access To Dba_Users View
Description: Ensures restricted access to DBA_USERS view
Severity: Minor Warning
Rationale: Contains user password hashes and other account information. Access to this information can be used to mount brute-force attacks.
Access To Stats$Sqltext Table
Description: Ensures restricted access to STATS$SQLTEXT table
Severity: Minor Warning
Rationale: This table provides full text of the recently-executed SQL statements. The SQL statements can reveal sensitive information.
Access To Stats$Sql_Summary Table
Description: Ensures restricted access to STATS$SQL_SUMMARY table
Severity: Minor Warning
Rationale: Contains the first few lines of SQL text of the most resource-intensive commands given to the server. SQL statements executed without bind variables can show up here, exposing privileged information.
Access To Sys.Aud$ Table
Description: Ensures restricted access to SYS.AUD$ table
Severity: Minor Warning
Rationale: A knowledgeable and malicious user can gain access to sensitive audit information.
Access To Sys.Source$ Table
Description: Ensures restricted access to SYS.SOURCE$ table
Severity: Minor Warning
Rationale: Contains the source of all stored package units in the database.
Access To Sys.User$ Table
Description: Ensures restricted access to SYS.USER$ table
Severity: Minor Warning
Rationale: Username and password hash may be read from the SYS.USER$ table, enabling a hacker to launch a brute-force attack.
Access To Sys.User_History$ Table
Description: Ensures restricted access to SYS.USER_HISTORY$ table
Severity: Minor Warning
Rationale: Username and password hash may be read from the SYS.USER_HISTORY$ table, enabling a hacker to launch a brute-force attack.
Default Passwords
Description: Ensure there are no default passwords for known accounts
Severity: Warning
Rationale: A malicious user can gain access to the database using default passwords.
Execute Privileges On Dbms_Job To Public
Description: Ensures PUBLIC is not granted EXECUTE privileges on DBMS_JOB package
Severity: Critical
Rationale: Granting EXECUTE privilege to PUBLIC on DBMS_JOB package allows users to schedule jobs on the database.
Execute Privileges On Dbms_Sys_Sql To Public
Description: Ensures PUBLIC is not granted EXECUTE privileges on DBMS_SYS_SQL package
Severity: Critical
Rationale: The DBMS_SYS_SQL package can be used to run PL/SQL and SQL as the owner of the procedure rather than the caller.
Password Complexity Verification Function Usage
Description: Ensures PASSWORD_VERIFY_FUNCTION resource for the profile is set
Severity: Critical
Rationale: Passwords that do not meet minimum complexity requirements offer substantially less protection than complex passwords.
Password Grace Time
Description: Ensures that all profiles have PASSWORD_GRACE_TIME set to a reasonable number of days
Severity: Critical
Rationale: A high value for the PASSWORD_GRACE_TIME parameter may cause serious database security issues by allowing the user to keep the same password for a long time.
Password Lifetime
Description: Ensures that all profiles have PASSWORD_LIFE_TIME set to a reasonable number of days
Severity: Warning
Rationale: A long password lifetime gives hackers a long time to try to crack the password. This may cause serious database security issues.
Password Locking Time
Description: Ensures PASSWORD_LOCK_TIME is set to a reasonable number of days for all profiles
Severity: Warning
Rationale: Having a low value increases the likelihood of Denial of Service attacks.
Restricted Privilege To Execute Utl_Http
Description: Ensure PUBLIC does not have execute privileges on the UTL_HTTP package
Severity: Critical
Rationale: Privileges granted to the PUBLIC role automatically apply to all users. A malicious user can gain access to email, network and http modules using the EXECUTE privilege.
Restricted Privilege To Execute Utl_Smtp
Description: Ensure PUBLIC does not have execute privileges on the UTL_SMTP package
Severity: Critical
Rationale: Privileges granted to the PUBLIC role automatically apply to all users. A malicious user can gain access to email, network and http modules using the EXECUTE privilege.
Restricted Privilege To Execute Utl_Tcp
Description: Ensure PUBLIC does not have execute privileges on the UTL_TCP package
Severity: Critical
Rationale: Privileges granted to the PUBLIC role automatically apply to all users. A malicious user can gain access to email, network and http modules using the EXECUTE privilege.
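The following query is an added example, not Oracle's or Enterprise Manager's implementation of these rules. It reports, for the current pluggable database, any EXECUTE grant to PUBLIC on the packages named in the Basic Security Configuration rules above, together with the effective value of the four password profile parameters those rules cover. It assumes the packages are owned by SYS and that the caller can read DBA_TAB_PRIVS and DBA_PROFILES; the column aliases and the wording of the findings are illustrative.

```sql
-- Added example: audit query for the Basic Security Configuration rules.
-- Assumes SELECT access to DBA_TAB_PRIVS and DBA_PROFILES in the PDB.
WITH public_exec AS (
  -- EXECUTE granted to PUBLIC on the packages named in the rules above.
  SELECT 'EXECUTE granted to PUBLIC'  AS check_area,
         owner || '.' || table_name   AS item,
         privilege                    AS observed,
         'FLAG: REVOKE EXECUTE ON ' || owner || '.' || table_name
           || ' FROM PUBLIC'          AS finding
  FROM   dba_tab_privs
  WHERE  grantee    = 'PUBLIC'
  AND    privilege  = 'EXECUTE'
  AND    owner      = 'SYS'          -- assumption: packages owned by SYS
  AND    table_name IN ('DBMS_JOB', 'DBMS_SYS_SQL',
                        'UTL_HTTP', 'UTL_SMTP', 'UTL_TCP')
),
pwd_limits AS (
  -- A LIMIT of DEFAULT means "inherit from the DEFAULT profile", so the
  -- literal value hides the real setting; resolve it before judging it.
  SELECT p.profile,
         p.resource_name,
         CASE WHEN p.limit = 'DEFAULT' THEN d.limit ELSE p.limit END
           AS effective_limit
  FROM   dba_profiles p
  LEFT JOIN dba_profiles d
         ON  d.profile       = 'DEFAULT'
         AND d.resource_name = p.resource_name
  WHERE  p.resource_type = 'PASSWORD'
  AND    p.resource_name IN ('PASSWORD_VERIFY_FUNCTION',
                             'PASSWORD_GRACE_TIME',
                             'PASSWORD_LIFE_TIME',
                             'PASSWORD_LOCK_TIME')
),
profile_findings AS (
  SELECT 'Password profile limit'         AS check_area,
         profile || ': ' || resource_name AS item,
         effective_limit                  AS observed,
         CASE
           -- DBA_PROFILES shows the string NULL when no function is set.
           WHEN resource_name = 'PASSWORD_VERIFY_FUNCTION'
                AND effective_limit = 'NULL'
             THEN 'FLAG: no verify function set for this profile'
           WHEN resource_name IN ('PASSWORD_GRACE_TIME',
                                  'PASSWORD_LIFE_TIME')
                AND effective_limit = 'UNLIMITED'
             THEN 'FLAG: unlimited; set a finite number of days'
           -- The rules say "reasonable" without giving a number, so
           -- finite values are listed for comparison with site policy.
           ELSE 'Review value against site policy'
         END                              AS finding
  FROM   pwd_limits
)
SELECT check_area, item, observed, finding FROM public_exec
UNION ALL
SELECT check_area, item, observed, finding FROM profile_findings
ORDER  BY 1, 2;
```

Before running a generated REVOKE, identify the schemas whose code relies on the PUBLIC grant and give them a direct grant, since objects that depend on it stop compiling once it is removed.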
Configuration Best Practices For Oracle Database
The compliance rules for the Configuration Best Practices For Oracle Database standard follow.
Disabled Automatic Statistics Collection
Description: Checks if the STATISTICS_LEVEL initialization parameter is set to BASIC
Severity: Critical
Rationale: Automatic statistics collection allows the optimizer to generate accurate execution plans and is essential for identifying and correcting performance problems. By default, STATISTICS_LEVEL is set to TYPICAL. If the STATISTICS_LEVEL initialization parameter is set to BASIC, the collection of many important statistics, required by Oracle database features and functionality, is disabled.
Not Using Automatic Pga Management
Description: Checks if the PGA_AGGREGATE_TARGET initialization parameter has a value of 0 or if WORKAREA_SIZE_POLICY has value of MANUAL.
Severity: Warning
Rationale: Automatic PGA memory management simplifies and improves the way PGA memory is allocated. When enabled, Oracle can dynamically adjust the portion of the PGA memory dedicated to work areas while honoring the PGA_AGGREGATE_TARGET limit set by the DBA.
Statistics_Level Parameter Set To All
Description: Checks if the STATISTICS_LEVEL initialization parameter is set to ALL
Severity: Minor Warning
Rationale: Automatic statistics collection allows the optimizer to generate accurate execution plans and is essential for identifying and correcting performance problems. The STATISTICS_LEVEL initialization parameter is currently set to ALL, meaning additional timed OS and plan execution statistics are being collected. These statistics are not necessary and create additional overhead on the system.
Timed_Statistics Set To False
Description: Checks if the TIMED_STATISTICS initialization parameter is set to FALSE.
Severity: Critical
Rationale: Setting TIMED_STATISTICS to FALSE prevents time-related statistics, e.g. execution time for various internal operations, from being collected. These statistics are useful for diagnosing and performance tuning. Setting TIMED_STATISTICS to TRUE will allow time-related statistics to be collected, and will also provide more value to the trace file and generate more accurate statistics for long-running operations.
Use Of Non-Standard Initialization Parameters
Description: Checks for use of non-standard initialization parameters
Severity: Minor Warning
Rationale: Non-standard initialization parameters are being used. These may have been implemented based on poor advice or incorrect assumptions. In particular, parameters associated with SPIN_COUNT on latches and undocumented optimizer features can cause a great deal of problems that can require considerable investigation.
High Security Configuration For Oracle Pluggable Database
The compliance rules for the High Security Configuration For Oracle Pluggable Database standard follow.
Access To *_Catalog_* Roles
Description: Ensure grant of %_CATALOG_% is restricted
Severity: Critical
Rationale: %_CATALOG_% roles have critical access to database objects, which can lead to exposure of vital information in the database system.
Access To All_Source View
Description: Ensures restricted access to ALL_SOURCE view
Severity: Minor Warning
Rationale: ALL_SOURCE view contains source of all stored packages in the database.
Access To Dba_* Views
Description: Ensures SELECT privilege is never granted to any DBA_ view
Severity: Warning
Rationale: The DBA_* views provide access to privileges and policy settings of the database. Some of these views also allow viewing of sensitive PL/SQL code that can be used to understand the security policies.
Access To Role_Role_Privs View
Description: Ensures restricted access to ROLE_ROLE_PRIVS view
Severity: Minor Warning
Rationale: Lists roles granted to other roles. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.
Access To Sys.Link$ Table
Description: Ensures restricted access to LINK$ table
Severity: Minor Warning
Rationale: A knowledgeable and malicious user can gain access to user passwords from the SYS.LINK$ table.
Access To User_Role_Privs View
Description: Ensures restricted access to USER_ROLE_PRIVS view
Severity: Minor Warning
Rationale: Lists the roles granted to the current user. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user.
Access To User_Tab_Privs View
Description: Ensures restricted access to USER_TAB_PRIVS view
Severity: Minor Warning
Rationale: Lists the grants on objects for which the user is the owner, grantor or grantee. Knowledge of the grants in the database can be taken advantage of by a malicious user.
Access To V$ Views
Description: Ensures SELECT privilege is not granted to any V$ Views
Severity: Critical
Rationale: V$ tables contain sensitive information about the Oracle database and should only be accessible by system administrators. Check for any user that has access and revoke where possible.
Access To X_$ Views
Description: Ensure access on X$ views is restricted
Severity: Critical
Rationale: This can lead to revealing of internal database structure information.
Audit Alter Any Table Privilege
Description: Ensures ALTER ANY TABLE Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing ALTER ANY TABLE will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Alter User Privilege
Description: Ensures ALTER USER Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing ALTER USER will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Create Any Library Privilege
Description: Ensures CREATE ANY LIBRARY is being audited by access for all users
Severity: Critical
Rationale: Auditing CREATE ANY LIBRARY will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Create Library Privilege
Description: Ensures CREATE LIBRARY Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing CREATE LIBRARY will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Create Role Privilege
Description: Ensures CREATE ROLE Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing the creation of roles will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Create Session Privilege
Description: Ensures CREATE SESSION Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing CREATE SESSION will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Create User Privilege
Description: Ensures CREATE USER Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing CREATE USER will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Drop Any Procedure Privilege
Description: Ensures DROP ANY PROCEDURE Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing DROP ANY PROCEDURE will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Drop Any Role Privilege
Description: Ensures DROP ANY ROLE Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing the creation of roles will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Drop Any Table Privilege
Description: Ensures DROP ANY TABLE Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing DROP ANY TABLE will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Execute Any Procedure Privilege
Description: Ensures EXECUTE ANY PROCEDURE Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing the creation of roles will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Grant Any Object Privilege
Description: Ensures SELECT ANY DICTIONARY Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing SELECT ANY DICTIONARY will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Grant Any Privilege
Description: Ensures GRANT ANY PRIVILEGE is being audited by access for all users
Severity: Critical
Rationale: Auditing GRANT ANY PRIVILEGE will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Audit Insert Failure
Description: Ensures that insert failures are audited for critical data objects
Severity: Warning
Rationale: Not auditing insert failures for critical data objects may allow a malicious user to infiltrate system security.
Audit Select Any Dictionary Privilege
Description: Ensures SELECT ANY DICTIONARY Privilege is being audited by access for all users
Severity: Critical
Rationale: Auditing SELECT ANY DICTIONARY will provide a record to ensure the appropriate use of account administration privileges. This information is also useful when investigating certain security events
Connect Time
Description: Ensure that the users' CONNECT_TIME profile settings have an appropriate value set for the particular database and application
Severity: Critical
Rationale: Sessions held open for excessive periods of time can consume system resources and cause a denial of service for other users of the Oracle database. The CONNECT_TIME parameter limits the upper bound on how long a session can be held open. This parameter is specified in minutes. Sessions that have exceeded their connect time are aborted and rolled back.
Cpu Per Session
Description: Ensures that all profiles have CPU_PER_SESSION set to a reasonable number of CPU cycles
Severity: Critical
Rationale: Allowing a single application or user to consume excessive CPU resources will result in a denial of service to the Oracle database
Execute Privileges On Dbms_Lob To Public
Description: Ensures PUBLIC group is not granted EXECUTE privileges to the DBMS_LOB package
Severity: Critical
Rationale: The DBMS_LOB package can be used to access any file on the system as the owner of the Oracle software installation.
Execute Privileges On Utl_File To Public
Description: Ensure PUBLIC does not have EXECUTE privilege on the UTL_FILE package
Severity: Critical
Rationale: Privileges granted to the PUBLIC role automatically apply to all users. A malicious user can read and write arbitrary files in the system when granted the UTL_FILE privilege.
Execute Privilege On Sys.Dbms_Export_Extension To Public
Description: Ensure PUBLIC does not have execute privileges on the SYS.DBMS_EXPORT_EXTENSION package
Severity: Critical
Rationale: Privileges granted to the PUBLIC role automatically apply to all users. DBMS_EXPORT_EXTENSION can allow SQL injection. Thus a malicious user will be able to take advantage.
Execute Privilege On Sys.Dbms_Random Public
Description: Ensure PUBLIC does not have execute privileges on the SYS.DBMS_RANDOM package
Severity: Critical
Rationale: Privileges granted to the PUBLIC role automatically apply to all users. DBMS_RANDOM can allow SQL injection. Thus a malicious user will be able to take advantage.
Granting Select Any Table Privilege
Description: Ensures SELECT ANY PRIVILEGE is never granted to any user or role
Severity: Warning
Rationale: The SELECT ANY TABLE privilege can be used to grant users or roles with the ability to view data in tables that are not owned by them. A malicious user with access to any user account that has this privilege can use this to gain access to sensitive data.
Logical Reads Per Session
Description: Ensure that the users' LOGICAL_READS_PER_SESSION profile settings have an appropriate value set for the particular database and application
Severity: Critical
Rationale: Allowing a single application or user to perform excessive amounts of reads to disk will result in a denial of service to the Oracle database
Limit Os Authentication
Description: Ensures database accounts do not rely on OS authentication
Severity: Critical
Rationale: If the host operating system has the userid required for a database account whose password is set to EXTERNAL, then Oracle does not check its credentials anymore. It simply assumes the host must have done its authentication and lets the user into the database without any further checking.
Private Sga
Description: Ensure that the users' PRIVATE_SGA profile settings have appropriate values set for the particular database and application
Severity: Critical
Rationale: Allowing a single application or user to consume excessive amounts of the System Global Area will result in a denial of service to the Oracle database.
Password Reuse Max
Description: Ensures that all profiles have PASSWORD_REUSE_MAX set to a reasonable number of times
Severity: Warning
Rationale: Old passwords are usually the best guesses for the current password. A low value for the PASSWORD_REUSE_MAX parameter may cause serious database security issues by allowing users to reuse their old passwords more often.
Password Reuse Time
Description: Ensures that all profiles have PASSWORD_REUSE_TIME set to a reasonable number of days
Severity: Critical
Rationale: A low value for the PASSWORD_REUSE_TIME parameter may cause serious database security issues by allowing users to reuse their old passwords more often.
Proxy Account
Description: Ensures that the proxy accounts have limited privileges
Severity: Warning
Rationale: The proxy user only needs to connect to the database. Once connected it will use the privileges of the user it is connecting on behalf of. Granting any other privilege than the CREATE SESSION privilege to the proxy user is unnecessary and open to misuse.
Sessions_Per_User
Description: Ensures that all profiles have SESSIONS_PER_USER set to a reasonable number
Severity: Critical
Rationale: Allowing an unlimited number of sessions per user can consume Oracle resources and cause a denial of service. Limit the number of sessions for each individual user.
System Privileges To Public
Description: Ensure system privileges are not granted to PUBLIC
Severity: Critical
Rationale: Privileges granted to the PUBLIC role automatically apply to all users. There are security risks in granting SYSTEM privileges to all users.
Storage Best Practices For Oracle Database
The compliance rules for the Storage Best Practices For Oracle Database standard follow.
Dictionary Managed Tablespaces
Description: Checks for dictionary managed tablespaces
Severity: Minor Warning
Rationale: These tablespaces are dictionary managed. Oracle recommends using locally managed tablespaces, with AUTO segment-space management, to enhance performance and ease of space management.
Non-System Data Segments In System Tablespaces
Description: Checks for data segments owned by non-system users located in tablespaces SYSTEM, SYSAUX and SYSEXT.
Severity: Minor Warning
Rationale: These segments belonging to non-system users are stored in system tablespaces SYSTEM or SYSAUX or SYSEXT. This violation makes it more difficult to manage these data segments and may result in performance degradation in the system tablespace. This is also a security issue. If non-system users are storing data in a system tablespace it is possible that all available space in the system tablespace may be consumed, thus causing the database to stop working.
Non-System Users With System Tablespace As Default Tablespace
Description: Checks for non-system users using SYSTEM or SYSAUX as the default tablespace
Severity: Minor Warning
Rationale: These non-system users use a system tablespace as the default tablespace. This violation will result in non-system data segments being added to the system tablespace, making it more difficult to manage these data segments and possibly resulting in performance degradation in the system tablespace. This is also a security issue. All available space in the system tablespace may be consumed, thus causing the database to stop working.
Non-Uniform Default Extent Size For Tablespaces
Description: Checks for dictionary managed or migrated locally managed tablespaces with non-uniform default extent size
Severity: Minor Warning
Rationale: Dictionary managed or migrated locally managed tablespaces using non-uniform default extent sizes have been found. This means that the extents in a single tablespace will vary in size, leading to fragmentation, inefficient space usage and performance degradation.
Tablespace Not Using Automatic Segment-Space Management
Description: Checks for locally managed tablespaces that are using MANUAL segment space management
Severity: Minor Warning
Rationale: Automatic segment-space management is a simpler and more efficient way of managing space within a segment. It completely eliminates any need to specify and tune the PCTUSED, FREELISTS and FREELIST GROUPS storage parameters for schema objects created in the tablespace. In a RAC environment there is the additional benefit of avoiding the hard partitioning of space inherent with using free list groups.
Users With Permanent Tablespace As Temporary Tablespace
Description: Checks for users using a permanent tablespace as the temporary tablespace
Severity: Minor Warning
Rationale: These users use a permanent tablespace as the temporary tablespace. Using temporary tablespaces allows space management for sort operations to be more efficient. Using a permanent tablespace for these operations may result in performance degradation, especially for Real Application Clusters. There is an additional security concern. This makes it possible for users to use all available space in the system tablespace, causing the database to stop working.