STIGQter STIGQter: STIG Summary: Unified Endpoint Management Server Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM server must validate certificates used for Transport Layer Security (TLS) functions by performing RFC 5280-compliant certification path validation.

DISA Rule

SV-234676r617355_rule

Vulnerability Number

V-234676

Group Title

SRG-APP-000605

Rule Version

SRG-APP-000605-UEM-000401

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the UEM server to validate certificates used for Transport Layer Security (TLS) functions by performing RFC 5280-compliant certification path validation.

Check Contents

Verify the UEM server validates certificates used for TLS functions by performing RFC 5280-compliant certification path validation.

If the UEM server does not validate certificates used for TLS functions by performing RFC 5280-compliant certification path validation, this is a finding.

Vulnerability Number

V-234676

Documentable

False

Rule Version

SRG-APP-000605-UEM-000401

Severity Override Guidance

Verify the UEM server validates certificates used for TLS functions by performing RFC 5280-compliant certification path validation.

If the UEM server does not validate certificates used for TLS functions by performing RFC 5280-compliant certification path validation, this is a finding.

Check Content Reference

M

Target Key

5269

Comments