Profile GSM_PROF Setting FAILED_LOGIN_ATTEMPT=10000000 Violates Corp Security Policy
(Doc ID 2795838.1)
Last updated on JULY 20, 2024
Applies to:
Oracle Database - Enterprise Edition - Version 19.9.0.0.0 to 20.0.0.0.0 Beta [Release 19 to 20.0]Information in this document applies to any platform.
Goal
According to Doc ID 2451080.1, starting with Oracle Version 12.2 a new profile GSM_PROF is created with FAILED_LOGIN_ATTEMPTS=10000000 to prevent Denial of Service attacks.
However this violates your company policy of setting FAILED_LOGIN_ATTEMPTS=6, and it is getting flagged on your security scanning.
You want to know if there is any risk in changing GSM_PROF FAILED_LOGIN_ATTEMPTS=6.
How to check if GDS or sharding database is used or not?
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
Solution |
References |