STIGQter: STIG Summary: Adobe ColdFusion 11 Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 26 Jan 2018:

ColdFusion must use cryptography mechanisms to protect the integrity of data sent to the PDF Service.

DISA Rule

SV-76839r1_rule

Vulnerability Number

V-62349

Group Title

SRG-APP-000015-AS-000010

Rule Version

CF11-01-000004

Severity

CAT II

CCI(s)

• CCI-001453 - The information system implements cryptographic mechanisms to protect the integrity of remote access sessions.

Weight

10

Fix Recommendation

If there are no PDF Service Managers in use, the finding is not applicable.

Access the "PDF Service" page under the "Data & Services" menu within the Administrator Console. Edit each service and check the "Https Enabled" option.

Check Contents

Access the "PDF Service" page under the "Data & Services" menu within the Administrator Console.

If there are no PDF Service Managers defined, the finding is not applicable.

If any PDF Service Managers listed have "Https Enabled" set to "NO", this is a finding.

Vulnerability Number

V-62349

Documentable

False

Rule Version

CF11-01-000004

Severity Override Guidance

Access the "PDF Service" page under the "Data & Services" menu within the Administrator Console.

If there are no PDF Service Managers defined, the finding is not applicable.

If any PDF Service Managers listed have "Https Enabled" set to "NO", this is a finding.

Check Content Reference

M

Target Key

2661

Comments