STIGQter: STIG Summary: Multifunction Device and Network Printers STIG Version: 2 Release: 14 Benchmark Date: 25 Oct 2019:

Management protocols, with the exception of HTTPS and SNMPv3, must be disabled at all times except when necessary.

DISA Rule

SV-7005r2_rule

Vulnerability Number

V-6783

Group Title

MFD Management Protocols

Rule Version

MFD02.003

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Disable all management protocols except HTTPS and SNMPv3 unless approval has been granted by the organization's AO/ISSM.

Check Contents

Verify that all management protocols are disabled unless approved by the organization's AO/ISSM.

Protocols may be enabled temporarily if needed to upgrade firmware or configure the device, but must be disabled immediately when this activity is completed. HTTPS and SNMPv3 may be used but must be configured in accordance with the requirements of the Network Infrastructure STIG.

If management protocols other than HTTPS and SNMPv3 are enabled unnecessarily or without AO/ISSM approval, this is a finding.

Vulnerability Number

V-6783

Documentable

False

Rule Version

MFD02.003

Severity Override Guidance

Verify that all management protocols are disabled unless approved by the organization's AO/ISSM.

Protocols may be enabled temporarily if needed to upgrade firmware or configure the device, but must be disabled immediately when this activity is completed. HTTPS and SNMPv3 may be used but must be configured in accordance with the requirements of the Network Infrastructure STIG.

If management protocols other than HTTPS and SNMPv3 are enabled unnecessarily or without AO/ISSM approval, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

551

Comments