STIGQter: STIG Summary: Multifunction Device and Network Printers STIG Version: 2 Release: 14 Benchmark Date: 25 Oct 2019:

There is no restriction on where a MFD or a printer can be remotely managed.

DISA Rule

SV-7009r1_rule

Vulnerability Number

V-6784

Group Title

MFD or a printer can be managed from any IP

Rule Version

MFD02.005

Severity

CAT I

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Restrict access to the MFD's or printer's management function to a specific set of IP addresses. If the device lacks this functionality use an ACL in a router, firewall or switch to restrict the access.

Check Contents

The reviewer will, with the assistance of the SA, verify that the MFD or printer can only be remotely managed by SA or printer administrator from specific IPs (SA workstations and print spooler). Look for list that restricts the protocol used for administrative access to specific IP addresses.

Vulnerability Number

V-6784

Documentable

False

Rule Version

MFD02.005

Severity Override Guidance

The reviewer will, with the assistance of the SA, verify that the MFD or printer can only be remotely managed by SA or printer administrator from specific IPs (SA workstations and print spooler). Look for list that restricts the protocol used for administrative access to specific IP addresses.

Check Content Reference

M

Responsibility

System Administrator

Target Key

551

Comments