STIGQter: STIG Summary: A10 Networks ADC ALG Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The A10 Networks ADC must not have unnecessary scripts installed.

DISA Rule

SV-237035r639552_rule

Vulnerability Number

V-237035

Group Title

SRG-NET-000131-ALG-000085

Rule Version

AADC-AG-000034

Severity

CAT II

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Do not load any unnecessary aFleX scripts on the device.

Check Contents

Review the ALG configuration to determine if any aFleX scripts are used on the device.

The following command displays all of the configured aFleX scripts:
show aflex all

If any scripts are present, ask the Administrator for documentation of each script.

If no documents can be provided explaining the script and showing where the ISSM or other responsible Security personnel acknowledged the script is being used, this is a finding.

Vulnerability Number

V-237035

Documentable

False

Rule Version

AADC-AG-000034

Severity Override Guidance

Review the ALG configuration to determine if any aFleX scripts are used on the device.

The following command displays all of the configured aFleX scripts:
show aflex all

If any scripts are present, ask the Administrator for documentation of each script.

If no documents can be provided explaining the script and showing where the ISSM or other responsible Security personnel acknowledged the script is being used, this is a finding.

Check Content Reference

M

Target Key

5285

Comments