STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must use multifactor authentication for local access to privileged accounts.

DISA Rule

SV-204747r508029_rule

Vulnerability Number

V-204747

Group Title

SRG-APP-000151

Rule Version

SRG-APP-000151-AS-000103

Severity

CAT II

CCI(s)

• CCI-000767 - The information system implements multifactor authentication for local access to privileged accounts.

Weight

10

Fix Recommendation

Configure the application server to authenticate privileged users via multifactor authentication for local access to the management interface.

Check Contents

Review the application server configuration to ensure the system is authenticating via multifactor authentication for privileged users.

If all aspects of application server command line management interfaces are not authenticating privileged users via multifactor authentication methods, this is a finding.

Vulnerability Number

V-204747

Documentable

False

Rule Version

SRG-APP-000151-AS-000103

Severity Override Guidance

Review the application server configuration to ensure the system is authenticating via multifactor authentication for privileged users.

If all aspects of application server command line management interfaces are not authenticating privileged users via multifactor authentication methods, this is a finding.

Check Content Reference

M

Target Key

2900

Comments