STIGQter: STIG Summary: ISEC7 Sphere Security Technical Implementation Guide, Version: 2, Release: 1, Benchmark Date: 23 Oct 2020

LockOutRealm must not be removed from Apache Tomcat.

DISA Rule

SV-224782r505933_rule

Vulnerability Number

V-224782

Group Title

SRG-APP-000383

Rule Version

ISEC-06-550300

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Log in to the ISEC7 EMM Suite server.
Navigate to <Drive>:\Program Files\Isec7 EMM Suite\Tomcat\Config
Open the server.xml file with Notepad.
Select Edit >> Find and search for LockOutRealm.
Add the following line to the server.xml file:

<Realm className="org.apache.catalina.realm.LockOutRealm">

Restart the ISEC7 EMM Suite Web service in services.msc.

Check Contents

Log in to the ISEC7 EMM Suite server.
Navigate to <Drive>:\Program Files\Isec7 EMM Suite\Tomcat\Config
Open the server.xml file with Notepad.
Select Edit >> Find and search for LockOutRealm.
Confirm the following line is in the server.xml file:

<Realm className="org.apache.catalina.realm.LockOutRealm">

If it is not found or has been commented out, this is a finding.

If the LockOutRealm has been removed and can't be used, this is a finding.
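
The check above can be scripted. The following is an added example, not part of the STIG or of ISEC7's tooling: it parses server.xml so that a commented-out LockOutRealm, which a plain text search would still match, is reported as a finding. The sample configurations are constructed, and the function name is hypothetical.

```python
"""Added example: automate the LockOutRealm check for a Tomcat server.xml."""
import re
import sys
import xml.etree.ElementTree as ET

LOCKOUT = "org.apache.catalina.realm.LockOutRealm"


def check_lockout_realm(server_xml):
    """Return (is_finding, reason) for the text of one server.xml."""
    root = ET.fromstring(server_xml)  # the parser discards XML comments
    active = [r for r in root.iter("Realm") if r.get("className") == LOCKOUT]
    if active:
        return False, "LockOutRealm is configured as an active Realm element"
    # A plain text search would still match a commented-out line, so
    # report that case separately from a realm that is absent altogether.
    comments = re.findall(r"<!--(.*?)-->", server_xml, re.S)
    if any(LOCKOUT in c for c in comments):
        return True, "LockOutRealm is commented out"
    return True, "LockOutRealm is not in server.xml"


# Constructed sample configurations (not taken from an ISEC7 installation).
_WRAP = ('<Server><Service name="Catalina"><Engine name="Catalina">'
         '{}</Engine></Service></Server>')
_USERDB = ('<Realm className="org.apache.catalina.realm.UserDatabaseRealm" '
           'resourceName="UserDatabase"/>')
SAMPLES = {
    "active": _WRAP.format(f'<Realm className="{LOCKOUT}">{_USERDB}</Realm>'),
    "commented": _WRAP.format(
        f'<!-- <Realm className="{LOCKOUT}"> -->{_USERDB}<!-- </Realm> -->'),
    "removed": _WRAP.format(_USERDB),
}

if __name__ == "__main__":
    if len(sys.argv) > 1:  # optional argument: path to a real server.xml
        with open(sys.argv[1], encoding="utf-8") as fh:
            inputs = {sys.argv[1]: fh.read()}
    else:
        inputs = SAMPLES
    for name, text in inputs.items():
        finding, reason = check_lockout_realm(text)
        print(f"{name}: {'FINDING' if finding else 'not a finding'} - {reason}")
```

Run it with the path to server.xml as the only argument; with no argument it evaluates the three constructed samples.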

Documentable

False

Severity Override Guidance

Log in to the ISEC7 EMM Suite server.
Navigate to <Drive>:\Program Files\Isec7 EMM Suite\Tomcat\Config
Open the server.xml file with Notepad.
Select Edit >> Find and search for LockOutRealm.
Confirm the following line is in the server.xml file:

<Realm className="org.apache.catalina.realm.LockOutRealm">

If it is not found or has been commented out, this is a finding.

If the LockOutRealm has been removed and can't be used, this is a finding.

Check Content Reference

M

Target Key

4200

Comments