STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide, Version: 5, Release: 1, Benchmark Date: 23 Oct 2020

The application must audit who makes configuration changes to the application.

DISA Rule

SV-222512r508029_rule

Vulnerability Number

V-222512

Group Title

SRG-APP-000381

Rule Version

APSC-DV-001420

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the application to create log entries that can be used to identify the user accounts that make application configuration changes.

Check Contents

Review the application documentation and configuration settings.

Access the application configuration settings interface as a privileged user.

Make configuration changes to the application.

Review the application audit logs and ensure a log entry is made identifying the privileged user account that was used to make the changes.

If application configuration is maintained by using a text editor to modify a configuration file, modify the configuration file with a text editor. Review the system logs and ensure a log entry is made for the file modification that identifies the user account used to make the changes.

If the user account is not logged, or is a group account such as "root", this is a finding.

If the user account used to make the changes is not logged in the audit records, this is a finding.
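The log review in this check can be scripted. The following is an added example, not part of the STIG text: it assumes the application writes one JSON audit record per line with hypothetical `event`, `user` and `setting` fields, and the list of shared accounts beyond "root" is also an assumption to adapt per site.

```python
import json

# Assumption: accounts treated as shared/group identities; the STIG names "root" as one example.
SHARED_ACCOUNTS = {"root", "admin", "administrator", "system"}

# Constructed sample audit log (JSON lines); field names are hypothetical.
SAMPLE_LOG = """\
{"ts": "2020-10-23T10:00:01Z", "event": "config_change", "user": "jsmith.adm", "setting": "session_timeout"}
{"ts": "2020-10-23T10:05:12Z", "event": "config_change", "user": "root", "setting": "log_level"}
{"ts": "2020-10-23T10:07:40Z", "event": "config_change", "setting": "smtp_host"}
{"ts": "2020-10-23T10:09:03Z", "event": "login", "user": "jsmith.adm"}
{"ts": "2020-10-23T10:11:55Z", "event": "config_change", "user": "  ", "setting": "tls_min_version"}
"""

def review_config_audit(log_text):
    """Return (line_no, reason) findings for configuration-change records."""
    findings = []
    seen_change = False
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        if not line.strip():
            continue
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            findings.append((line_no, "unparseable audit record"))
            continue
        if not isinstance(record, dict) or record.get("event") != "config_change":
            continue
        seen_change = True
        user = record.get("user")
        # Finding: the account that made the change is absent or blank.
        if not isinstance(user, str) or not user.strip():
            findings.append((line_no, "user account not logged"))
        # Finding: the change is attributed to a shared identity, not an individual.
        elif user.strip().lower() in SHARED_ACCOUNTS:
            findings.append((line_no, "group account: " + user.strip()))
    # A test change that produced no audit record at all is also a finding.
    if not seen_change:
        findings.append((0, "no config_change record found"))
    return findings

if __name__ == "__main__":
    for line_no, reason in review_config_audit(SAMPLE_LOG):
        print(f"line {line_no}: FINDING - {reason}")
```

Run it against the log slice captured immediately after making the test configuration change, so that a missing record is distinguishable from an unrelated quiet period.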

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

4093

Comments