STIGQter: STIG Summary: Voice Video Session Management Security Requirements Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The Voice Video Session Manager must generate session (call) records that provide information necessary for corrective actions without revealing personally identifiable information or sensitive information.

DISA Rule

SV-206837r508661_rule

Vulnerability Number

V-206837

Group Title

SRG-NET-000273

Rule Version

SRG-NET-000273-VVSM-00037

Severity

CAT II

CCI(s)

• CCI-001312 - The information system generates error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

Weight

10

Fix Recommendation

Configure the Voice Video Session Manager to generate session records that provide information necessary for corrective actions without revealing personally identifiable information or sensitive information.

Check Contents

Verify the Voice Video Session Manager generates session records that provide information necessary for corrective actions without revealing personally identifiable information or sensitive information.

If the Voice Video Session Manager does not generate session records that provide information necessary for corrective actions without revealing personally identifiable information or sensitive information, this is a finding.

Vulnerability Number

V-206837

Documentable

False

Rule Version

SRG-NET-000273-VVSM-00037

Severity Override Guidance

Verify the Voice Video Session Manager generates session records that provide information necessary for corrective actions without revealing personally identifiable information or sensitive information.

If the Voice Video Session Manager does not generate session records that provide information necessary for corrective actions without revealing personally identifiable information or sensitive information, this is a finding.

Check Content Reference

M

Target Key

2916

Comments