4.7 Ensure No Public Database Links Exist

Information

Public database links provide a mechanism for establishing connections between databases, enabling data access across multiple environments.

Public database links pose a security risk because they allow any database user to execute queries or modify data on a remote database, depending on the credentials stored in the link. This can lead to unauthorized access, data breaches, and compliance violations.

Solution

To remove a public database link, execute the following SQL command:

DROP PUBLIC DATABASE LINK <DB_LINK>;

Impact:

Applications relying on public database links may fail after removal. Alternative connection methods (e.g., private database links) may need to be implemented.

See Also

https://workbench.cisecurity.org/benchmarks/16474

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: OracleDB

Control ID: dd937cf063a5c6bfade10c0f6d57db871f994c66a091af598225ea4ce1788a17