Found these four policy violations under the ‘Security’ category in OEM:
1. EXECUTE UTL_FILE privileges to PUBLIC
Recommendation: Oracle recommends that you revoke EXECUTE privileges on powerful packages from PUBLIC
Violation Count: 1. Details: Package UTL_FILE
Solution:
REVOKE EXECUTE ON UTL_FILE FROM PUBLIC;
Anyone who manages to obtain any userid and password on your database will be able to use UTL_FILE.
This may be legitimate, or it may be malicious, and you have absolutely no control over it if the package is granted to PUBLIC.
For example, person A legitimately dumps confidential data (or a comma-delimited spreadsheet with payroll information) into the UTL_FILE directory. Person B, a disgruntled casual employee who is about to be fired, gains access to the database because the demo user SCOTT is still unlocked with its default password TIGER. Person B can now read the confidential data.
Oracle follows the ‘least privilege’ security principle: it recommends that powerful packages such as UTL_FILE be granted EXECUTE on a need-to-use basis instead of simply being granted to PUBLIC.
2. Excessive PUBLIC EXECUTE privileges
Recommendation: Oracle recommends that you revoke EXECUTE privileges on powerful packages from PUBLIC
Violation Count: 4. Details: Packages UTL_SMTP, DBMS_RANDOM, UTL_TCP, UTL_HTTP
Solution:
REVOKE EXECUTE ON UTL_SMTP FROM PUBLIC;
REVOKE EXECUTE ON DBMS_RANDOM FROM PUBLIC;
REVOKE EXECUTE ON UTL_TCP FROM PUBLIC;
REVOKE EXECUTE ON UTL_HTTP FROM PUBLIC;
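The REVOKE statements in violations 1 and 2 above are the fix, but in practice you want to see what PUBLIC currently holds before revoking, re-grant EXECUTE only to the schemas that genuinely need the package (the need-to-use basis the recommendation describes), and then catch any PL/SQL that silently depended on the PUBLIC grant. The following is an added example, not part of the original OEM output or the Oracle documentation; the application schema name APP_BATCH is an assumed placeholder, and the dependency check assumes the revoke has already been run.

```sql
-- Added example (not from the original post). Assumptions: a schema named
-- APP_BATCH (placeholder) is the only one that legitimately needs UTL_FILE.

-- 1. Inventory: which of the flagged SYS packages are still executable by PUBLIC?
SELECT grantee, owner, table_name, privilege
  FROM dba_tab_privs
 WHERE grantee    = 'PUBLIC'
   AND owner      = 'SYS'
   AND privilege  = 'EXECUTE'
   AND table_name IN ('UTL_FILE', 'UTL_SMTP', 'DBMS_RANDOM', 'UTL_TCP', 'UTL_HTTP')
 ORDER BY table_name;

-- 2. Revoke the blanket grant, then grant directly to the schema that needs it.
REVOKE EXECUTE ON sys.utl_file FROM PUBLIC;
GRANT  EXECUTE ON sys.utl_file TO app_batch;

-- 3. Any stored code that relied on the PUBLIC grant is now invalid.
--    List the dependents so they can be re-granted or recompiled deliberately
--    rather than failing at their next call.
SELECT d.owner, d.name, d.type, o.status
  FROM dba_dependencies d
  JOIN dba_objects o
    ON o.owner = d.owner AND o.object_name = d.name AND o.object_type = d.type
 WHERE d.referenced_owner = 'SYS'
   AND d.referenced_name IN ('UTL_FILE', 'UTL_SMTP', 'DBMS_RANDOM', 'UTL_TCP', 'UTL_HTTP')
   AND d.owner NOT IN ('SYS', 'SYSTEM')
 ORDER BY d.owner, d.name;
```

Run step 1 again after the revokes to confirm the rows are gone. Step 3 is the caveat that turns a one-line fix into a change request: every owner it lists either needs its own direct GRANT EXECUTE or a justification for why it should now fail, and objects that stay invalid can be recompiled with ALTER ... COMPILE once the grants are settled.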
3. Well-known accounts Security
Recommendation: Oracle recommends that you expire and lock well-known accounts
Violation Count: 1. Details: Account OUTLN (open)
4. Default passwords Security
Recommendation: Oracle recommends that all default passwords be changed
Violation Count: 1. Details: Account OUTLN
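Violations 3 and 4 both concern the OUTLN account and the post gives no solution for them, so here is one as an added example (not from the original post or from Oracle). It first checks whether the account is open and whether it still carries its shipped password, then changes the password and expires and locks the account in one statement. The DBA_USERS_WITH_DEFPWD view is assumed to be available, which is the case from Oracle 11g onward; on older releases drop that query and rely on the ACCOUNT_STATUS check. The password value is a placeholder, not a real one.

```sql
-- Added example (not from the original post). Assumes Oracle 11g or later
-- for DBA_USERS_WITH_DEFPWD; the password below is a placeholder.

-- 1. Is OUTLN open, and is it still on the Oracle-shipped default password?
SELECT username, account_status, lock_date, expiry_date
  FROM dba_users
 WHERE username = 'OUTLN';

SELECT username
  FROM dba_users_with_defpwd
 WHERE username = 'OUTLN';          -- any row here is violation 4

-- 2. Replace the default password, then expire and lock the account.
--    Locking stops logins as OUTLN; the objects the schema owns stay in place.
ALTER USER outln IDENTIFIED BY "<new_strong_password_placeholder>";
ALTER USER outln PASSWORD EXPIRE ACCOUNT LOCK;

-- 3. Re-check: status should read EXPIRED & LOCKED and the defpwd query should
--    return no rows.
SELECT username, account_status
  FROM dba_users
 WHERE username = 'OUTLN';
```

The second query in step 1 is worth running without the WHERE clause as well: it lists every account in the database still using a default password, which is usually a longer list than the one OEM flagged.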