U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

Oracle WebLogic Server 12c STIG Ver 2, Rel 1 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Oracle Weblogic Server cpe:/a:oracle:weblogic_server:10.3 (View CVEs)

Checklist Highlights

Checklist Name:
Oracle WebLogic Server 12c STIG
Checklist ID:
670
Version:
Ver 2, Rel 1
Type:
Compliance
Review Status:
Final
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
04/22/2016

Checklist Summary:

The Oracle WebLogic Server 12c Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems and designed to assist Security Managers (SMs), Information System Security Manager (ISSMs), Information System Security Officer (ISSOs), and System Administrators (SAs) with configuring and maintaining security controls. This guidance supports DoD system design, development, implementation, certification, and accreditation efforts.

Checklist Role:

  • Web Server

Known Issues:

Not Provided

Target Audience:

Developed for the DOD. This checklist has been created for IT professionals, particularly Windows system administrators and information security personnel. The document assumes that the reader has experience installing and administering applications on Windows-based systems in domain or standalone configurations.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not Provided

Regulatory Compliance:

Department of Defense [DoD] Directive 8500

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Disclaimer:

Not Provided

Product Support:

Not Provided

Point of Contact:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Sponsor:

Not Provided

Licensing:

Not Provided

Change History: 

moved to FINAL - 6/7/2016
null
Updated URL to reflect change to the DISA website - http --> https
Updated - 11/01/2017
Updated to FINAL - 11/27/2017
updated to v1,r4 - 02/16/2018
Updated to FINAL - 3/18/2018
Updated to Ver 1, Rel 5 - 10/25/18
Updated to FINAL - 11/26/18
Updated URLs - 6/13/19
Updated URLs - 8/12/2019
updated URLs - 4/28/2021

Dependency/Requirements:

URL Description
https://dl.dod.cyber.mil/wp-content/uploads/stigs/pdf/u_oracle_weblogic_12c_release_memo_v1.pdf Oracle WebLogic Server 12c Release Memo - Ver 1

References:

Reference URL Description

NIST checklist record last modified on 04/28/2021