| VID |
25166 |
| Severity |
30 |
| Port |
1521, ... |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
PASSWORD_REUSE_MAX value of the ORACLE server on the host system is unsafe. PASSWORD_REUSE_MAX means number of times a password must be changed before a previous password can be used again. If PASSWORD_REUSE_MAX is not set or is set to more than 10, the possibility of password leak can increase.
* Platforms Affected:
UNIX any version
Linux any version
Microsoft Windows any version |
| Recommendation |
Reset PASSWORD_REUSE_MAX value as following.
SQL> ALTER PROFILE DEFAULT LIMIT
SQL> PASSWORD_REUSE_MAX 10; (or less)
SQL> ALTER PROFILE [profile_name] LIMIT
SQL> PASSWORD_REUSE_MAX default; |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
