STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Oracle WebLogic Server 12c Security Technical Implementation Guide

V-235988

CAT III (Low)

Oracle WebLogic must protect the integrity of applications during the processes of data aggregation, packaging, and transformation in preparation for deployment.

Rule ID

SV-235988r961620_rule

STIG

Oracle WebLogic Server 12c Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-002420

Discussion

Information can be subjected to unauthorized changes (e.g., malicious and/or unintentional modification) at information aggregation or protocol transformation points. It is therefore imperative the application take steps to validate and assure the integrity of data while at these stages of processing. The application server must ensure the integrity of data that is pending transfer for deployment is maintained. If the application were to simply transmit aggregated, packaged, or transformed data without ensuring the data was not manipulated during these processes, then the integrity of the data and the application itself may be called into question.

Check Content

1. Access AC 
2. From 'Domain Structure', select the top-level domain 
3. Select 'Configuration' tab -> 'General' tab 
4. Ensure 'Production Mode' checkbox is selected

If the 'Production Mode' checkbox is not selected, this is a finding.

Fix Text

1. Access AC 
2. From 'Domain Structure', select the top-level domain 
3. Select 'Configuration' tab -> 'General' tab 
4. Check 'Production Mode' checkbox. Click 'Save'
5. Restart all servers