STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 7 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Oracle HTTP Server 12.1.3 Security Technical Implementation Guide

V-221419

CAT II (Medium)

The ListenAddress property of the Node Manager configured to support OHS must match the CN of the certificate used by Node Manager.

Rule ID

SV-221419r961863_rule

STIG

Oracle HTTP Server 12.1.3 Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-000366

Discussion

Oracle Node Manager is the utility that is used to perform common operational tasks for OHS. For connections to be made to the Node Manager, it must listen on an assigned address. When this parameter is not set, the Node Manager will listen on all available addresses on the server. This may lead to the Node Manager listening on networks, i.e., public network space, where Node Manager may become susceptible to attack instead of being limited to listening for connections on a controlled and secure management network. It is also important that the address specified matches the CN of the Node Manager.

Check Content

1. Open $DOMAIN_HOME/nodemanager/nodemanager.properties with an editor.

2. Search for the "ListenAddress" property.

3. If the property does not exist or is not set to the CN of the Node Manager certificate, this is a finding.

Fix Text

1. Open $DOMAIN_HOME/nodemanager/nodemanager.properties with an editor.

2. Search for the "ListenAddress" property.

3. Set the "ListenAddress" property to the CN of the Node Manager certificate, add the property if it does not exist.