DG0001-ORACLE11 - Vendor supported software is evaluated and patched against newly found vulnerabilities.

Details

Unsupported software versions are not patched by vendors to address newly discovered security versions. An unpatched version is vulnerable to attack.



NOTE: Please review the benchmark to ensure target compliance.


Solution

Upgrade to a supported Oracle version. Purchase an Oracle Extended Support Contract where required.

See http://www.oracle.com/technology/support/patches.htm for a definitive list of version patch sets for Oracle DBMS software.

See http://www.oracle.com/support/library/brochure/lifetime-support-technology.pdf for Oracle support policies and timelines.


Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.


References


Source