STIGQter: STIG Summary: Mozilla Firefox Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 22 Jan 2021:

Network shell protocol is enabled in FireFox.

DISA Rule

SV-223157r612236_rule

Vulnerability Number

V-223157

Group Title

SRG-APP-000141

Rule Version

DTBF105

Severity

CAT II

CCI(s)

CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

Fix Recommendation

Procedure: Set the value of "network.protocol-handler.external.shell" to "false" and lock using the Mozilla.cfg file.

Check Contents

Procedure: Open a browser window, type "about:config" in the address bar.

Criteria: If the value of "network.protocol-handler.external.shell" is not "false" or is not locked, then this is a finding.

Vulnerability Number

V-223157

Documentable

False

Rule Version

DTBF105

Severity Override Guidance

Procedure: Open a browser window, type "about:config" in the address bar.

Criteria: If the value of "network.protocol-handler.external.shell" is not "false" or is not locked, then this is a finding.

Check Content Reference

Target Key

4097

Network shell protocol is enabled in FireFox.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments