III - Administrative Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000435-AS-000069

  • Oracle WebLogic must protect the integrity of applications during the processes of data aggregation, packaging, and transformation in preparation for deployment.

    &lt;VulnDiscussion&gt;Information can be subjected to unauthorized changes (e.g., malicious and/or unintentional modification) at information aggre...
    Rule Low Severity
  • SRG-APP-000435-AS-000163

  • Oracle WebLogic must protect against or limit the effects of HTTP types of Denial of Service (DoS) attacks.

    &lt;VulnDiscussion&gt;Employing increased capacity and bandwidth combined with service redundancy can reduce the susceptibility to some DoS attacks...
    Rule Medium Severity
  • SRG-APP-000435-AS-000163

  • Oracle WebLogic must limit the use of resources by priority and not impede the host from servicing processes designated as a higher-priority.

    &lt;VulnDiscussion&gt;Priority protection helps the application server prevent a lower-priority application process from delaying or interfering wi...
    Rule Medium Severity
  • SRG-APP-000225-AS-000166

  • Oracle WebLogic must fail securely in the event of an operational failure.

    &lt;VulnDiscussion&gt; Fail secure is a condition achieved by the application server in order to ensure that in the event of an operational failure...
    Rule Medium Severity
  • SRG-APP-000440-AS-000167

  • Oracle WebLogic must employ approved cryptographic mechanisms when transmitting sensitive data.

    &lt;VulnDiscussion&gt;Preventing the disclosure of transmitted information requires that application servers take measures to employ approved crypt...
    Rule Medium Severity

