STIGQter STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 2 Release: 7 Benchmark Date: 25 Oct 2019: The application server must use multifactor authentication for network access to privileged accounts.

DISA Rule

SV-46587r3_rule

Vulnerability Number

V-35300

Group Title

SRG-APP-000149-AS-000102

Rule Version

SRG-APP-000149-AS-000102

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the application server to authenticate privileged users via multifactor authentication for network access to the management interface.

Check Contents

Review the application server configuration to ensure the system is authenticating via multifactor authentication for privileged users.

If all aspects of application server web management interfaces are not authenticating privileged users via multifactor authentication methods, this is a finding.

Vulnerability Number

V-35300

Documentable

False

Rule Version

SRG-APP-000149-AS-000102

Severity Override Guidance

Review the application server configuration to ensure the system is authenticating via multifactor authentication for privileged users.

If all aspects of application server web management interfaces are not authenticating privileged users via multifactor authentication methods, this is a finding.

Check Content Reference

M

Target Key

2388

Comments