STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Oracle HTTP Server 12.1.3 Security Technical Implementation Guide

V-221419

CAT II (Medium)

The ListenAddress property of the Node Manager configured to support OHS must match the CN of the certificate used by Node Manager.

Rule ID

SV-221419r961863_rule

STIG

Oracle HTTP Server 12.1.3 Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-000366

Discussion

Oracle Node Manager is the utility that is used to perform common operational tasks for OHS. For connections to be made to the Node Manager, it must listen on an assigned address. When this parameter is not set, the Node Manager will listen on all available addresses on the server. This may lead to the Node Manager listening on networks, i.e., public network space, where Node Manager may become susceptible to attack instead of being limited to listening for connections on a controlled and secure management network. It is also important that the address specified matches the CN of the Node Manager.

Check Content

1. Open $DOMAIN_HOME/nodemanager/nodemanager.properties with an editor.

2. Search for the "ListenAddress" property.

3. If the property does not exist or is not set to the CN of the Node Manager certificate, this is a finding.

Fix Text

1. Open $DOMAIN_HOME/nodemanager/nodemanager.properties with an editor.

2. Search for the "ListenAddress" property.

3. Set the "ListenAddress" property to the CN of the Node Manager certificate, add the property if it does not exist.