STIGQter: STIG Summary: Unified Endpoint Management Server Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

For UEM server using password authentication, the network element must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.

DISA Rule

SV-234375r617355_rule

Vulnerability Number

V-234375

Group Title

SRG-APP-000172

Rule Version

SRG-APP-000172-UEM-000102

Severity

CAT I

CCI(s)

• CCI-000197 - The information system, for password-based authentication, transmits only cryptographically-protected passwords.

Weight

10

Fix Recommendation

For a UEM server using password authentication, configure the network element to use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.

Check Contents

For UEM server using password authentication, verify the network element uses FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.

If UEM server using password authentication but the network element does not use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process, this is a finding.

Vulnerability Number

V-234375

Documentable

False

Rule Version

SRG-APP-000172-UEM-000102

Severity Override Guidance

For UEM server using password authentication, verify the network element uses FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.

If UEM server using password authentication but the network element does not use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process, this is a finding.

Check Content Reference

M

Target Key

5269

Comments