How to manage the Oracle ALLOWED_LOGON_VERSION=12 flag in Database Vulnerability Manager
Last Modified: 2023-09-07 04:58:15 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
How to manage the Oracle ALLOWED_LOGON_VERSION=12 flag in Database Vulnerability Manager
Technical Articles ID:
KB79566
Last Modified: 2023-09-07 04:58:15 Etc/GMT EnvironmentVulnerability Manager for Databases (DVM) 4.x
Oracle Database Problem 1This issue is relevant for scanning Oracle
DVM uses Oracle driver version
If you want to use the IMPORTANT: Oracle driver replacement is supported only in DVM 4.4.4 and later. Earlier versions of DVM do not support Oracle driver replacement.
You can see an indication of this issue when you set up an Oracle DVM instance, and you see the following authentication error during setup: Problem 2Because of an Oracle authentication vulnerability (CVE-2012-3137), Oracle recommends that you use
If you set this parameter, older Oracle drivers can no longer connect to the latest versions, 11.2.0.x and 12.x, of Oracle. NOTE: In Oracle SolutionImplement only one of the following two possible options:
To replace the Oracle driver used by DVM (ePO version):
To replace the Oracle driver used by DVM (standalone version):
NOTE: The following procedure affects the import from the TNS file feature and it might not be available after the change.
Related InformationFor information about configuring Oracle as a back-end database with the
Affected ProductsLanguages:This article is available in the following languages: |
|