STIGQter: STIG Summary: JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The JBoss Server must be configured to use certificates to authenticate admins.

DISA Rule

SV-213527r615939_rule

Vulnerability Number

V-213527

Group Title

SRG-APP-000149-AS-000102

Rule Version

JBOS-AS-000265

Severity

CAT II

CCI(s)

• CCI-000765 - The information system implements multifactor authentication for network access to privileged accounts.

Weight

10

Fix Recommendation

Configure the application server to authenticate privileged users via multifactor/certificate-based authentication mechanisms when using network access to the management interface.

Check Contents

Log on to the OS of the JBoss server with OS permissions that allow access to JBoss.
Using the relevant OS commands and syntax, cd to the <JBOSS_HOME>/bin/ folder.
Run the jboss-cli script.
Connect to the server and authenticate.

Follow these steps:
1. Identify the security realm assigned to the management interfaces by using the following command:

For standalone systems:
"ls /core-service=management/management-interface=<INTERFACE-NAME>"

For managed domain systems:
"ls /host=master/core-service=management/management-interface=<INTERFACE-NAME>"

Document the name of the security-realm associated with each management interface.

2. Review the security realm using the command:

For standalone systems:
"ls /core-service=management/security-realm=<SECURITY_REALM_NAME>/authentication"

For managed domains:
"ls /host=master/core-service=management/security-realm=<SECURITY_REALM_NAME>/authentication"

If the command in step 2 does not return a security realm that uses certificates for authentication, this is a finding.

Vulnerability Number

V-213527

Documentable

False

Rule Version

JBOS-AS-000265

Severity Override Guidance

Log on to the OS of the JBoss server with OS permissions that allow access to JBoss.
Using the relevant OS commands and syntax, cd to the <JBOSS_HOME>/bin/ folder.
Run the jboss-cli script.
Connect to the server and authenticate.

Follow these steps:
1. Identify the security realm assigned to the management interfaces by using the following command:

For standalone systems:
"ls /core-service=management/management-interface=<INTERFACE-NAME>"

For managed domain systems:
"ls /host=master/core-service=management/management-interface=<INTERFACE-NAME>"

Document the name of the security-realm associated with each management interface.

2. Review the security realm using the command:

For standalone systems:
"ls /core-service=management/security-realm=<SECURITY_REALM_NAME>/authentication"

For managed domains:
"ls /host=master/core-service=management/security-realm=<SECURITY_REALM_NAME>/authentication"

If the command in step 2 does not return a security realm that uses certificates for authentication, this is a finding.

Check Content Reference

M

Target Key

3987

Comments