Security Testing Identified Potential Impact With the Database Used by Oracle Access Manager (OAM) (Doc ID 2739428.1)

Last updated on SEPTEMBER 11, 2023

Applies to:

Oracle Access Manager - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Goal

1. Unauthorized users with CATALOG roles
2. Unauthorized users having access to DBA views and tables in SYS schema
3. Insecure DBMS_BACKUP_RESTORE package permissions
4. Insecure file transfer privileges on DBMS_FILE_TRANSFER
5. Lack of detailed audit settings - ALTER USER
6. Allocation of Unlimited Tablespace for application user

1. Remove DBMS_BACKUP_RESTORE permissions if not necessary. Any users or roles that have this privilege should be reviewed and the privilege revoked if not necessary.

2. Impact of removing this from other users: remove EXECUTE permission on DBMS_FILE_TRANSFER from any users that do not need it.

3. Impact of removing this from other user:

a. Sessions per user for ODS and OAM, OID users. Impact of setting it to values or unlimited:
b. Allocation of unlimited tablespace to users: ODS, OAMPROD_IAU, OIDPROD_IAU, OIDPROD_IAU_VIEWER, OAMPROD_IAU_VIEWER. Impact of allocation
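
The findings listed above can be checked against the data dictionary before any privilege is revoked. The following read-only queries are an added example, not part of the Oracle note or its solution; they assume a session that can read the DBA_* and AUDIT_UNIFIED_* views, and they use the schema names as they appear in this document.

```sql
-- Added review queries (not from the Oracle note). Read-only: no grant,
-- quota or audit setting is changed.

-- Finding 1: who holds the catalog roles
SELECT grantee, granted_role, admin_option
FROM   dba_role_privs
WHERE  granted_role IN ('SELECT_CATALOG_ROLE', 'EXECUTE_CATALOG_ROLE',
                        'DELETE_CATALOG_ROLE')
ORDER  BY granted_role, grantee;

-- Finding 2: direct grants on SYS objects to accounts Oracle does not maintain
SELECT grantee, table_name, privilege
FROM   dba_tab_privs
WHERE  owner = 'SYS'
AND    grantee IN (SELECT username FROM dba_users WHERE oracle_maintained = 'N')
ORDER  BY grantee, table_name;

-- Findings 3 and 4: EXECUTE on the backup/restore and file transfer packages
SELECT grantee, table_name AS package_name, grantable
FROM   dba_tab_privs
WHERE  owner = 'SYS'
AND    privilege = 'EXECUTE'
AND    table_name IN ('DBMS_BACKUP_RESTORE', 'DBMS_FILE_TRANSFER')
ORDER  BY table_name, grantee;

-- Finding 5: is ALTER USER audited (traditional and unified auditing)
SELECT user_name, audit_option, success, failure
FROM   dba_stmt_audit_opts
WHERE  audit_option = 'ALTER USER';

SELECT p.policy_name, e.success, e.failure
FROM   audit_unified_policies p
JOIN   audit_unified_enabled_policies e ON e.policy_name = p.policy_name
WHERE  p.audit_option = 'ALTER USER';

-- Finding 6: unlimited tablespace, by system privilege or by per-tablespace quota
SELECT grantee AS username, 'UNLIMITED TABLESPACE privilege' AS source
FROM   dba_sys_privs
WHERE  privilege = 'UNLIMITED TABLESPACE'
AND    grantee IN ('ODS', 'OAMPROD_IAU', 'OIDPROD_IAU',
                   'OIDPROD_IAU_VIEWER', 'OAMPROD_IAU_VIEWER')
UNION ALL
SELECT username, 'unlimited quota on ' || tablespace_name
FROM   dba_ts_quotas
WHERE  max_bytes = -1   -- -1 means no quota limit
AND    username IN ('ODS', 'OAMPROD_IAU', 'OIDPROD_IAU',
                    'OIDPROD_IAU_VIEWER', 'OAMPROD_IAU_VIEWER');
```

An empty result from both finding 5 queries means ALTER USER statements are not being audited by either mechanism.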


 

Solution

To view full details, sign in with your My Oracle Support account.
