EM 12c: How to disable the "Security Recommendations For Oracle Products" Compliance Standard in Enterprise Manager 12c Cloud Control (Doc ID 1575080.1)

Last updated on JUNE 13, 2017

Applies to:

Enterprise Manager Base Platform - Version 12.1.0.1.0 to 12.1.0.3.0 [Release 12.1]
Information in this document applies to any platform.

Goal

The 'Security Recommendations For Oracle Products' compliance standard is enabled automatically out of the box in Enterprise Manager Cloud Control 12.1.0.3. This can result in multiple incidents being reported in Incident Manager under:

A critical alert will be shown with the following message:

The target <dbname> in host <hostname> is vulnerable. The security patch <patch#> is applicable to it.

Alternatively, the results of the "Security Recommendations for Oracle Products" compliance standard can be seen from either:

The patches which are recommended as being applicable, have been evaluated by a repository side compliance standard rule. Every time the "Refresh From
Metalink" job runs (by default each night), this compliance standard is evaluated to see if any targets are missing any recommended patches. The query used
to retrieve this recommended patch information can be simulated by running the following in the repository database:

 
The procedure to disable "Security Recommendations for Oracle Products" compliance standard check is provided below.

 

 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms