Oracle WebLogic must limit the use of resources by priority and not impede the host from servicing processes designated as a higher-priority.

From Oracle WebLogic Server 12c Security Technical Implementation Guide

Part of SRG-APP-000248-AS-000164

Associated with: CCI-001096

SV-70595r1_rule Oracle WebLogic must limit the use of resources by priority and not impede the host from servicing processes designated as a higher-priority.

Vulnerability discussion

Priority protection helps the application server prevent a lower-priority application process from delaying or interfering with any higher-priority application processes. If the application server is not capable of managing application resource requests, the application server could become overwhelmed by a high volume of low-priority resource requests which can cause an availability issue.This requirement only applies to Mission Assurance Category 1 systems and does not apply to information systems with a Mission Assurance Category of 2 or 3.

Check content

1. Access AC 2. From 'Domain Structure', select 'Environment' -> 'Work Managers' 3. Existing Work Managers will appear in the list If Work Managers are not created to allow prioritization of resources, this is a finding.

Fix text

1. Access AC 2. From 'Domain Structure', select 'Environment' -> 'Work Managers' 3. Utilize 'Change Center' to create a new change session 4. Click 'New', select 'Work Manager' radio option, click 'Next' 5. Type a unique name, click 'Next', select server(s) which to apply this work manager to, click 'Finish' 6. Select newly created work manager from table to configure 7. Set thread and capacity constraints for this work manager, target the server(s) to apply these constraints to, click 'Save' 8. Deploy applications requiring prioritization to the server(s) selected as target of the work manager in order to apply the priority conditions specified by the work manager to deployed applications

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer