STIGQter: STIG Summary: Oracle HTTP Server 12.1.3 Security Technical Implementation Guide Version: 1 Release: 7 Benchmark Date: 24 Jul 2020:

The ListenAddress property of the Node Manager configured to support OHS must match the CN of the certificate used by Node Manager.

DISA Rule

SV-79089r1_rule

Vulnerability Number

V-64599

Group Title

SRG-APP-000516-WSR-000174

Rule Version

OH12-1X-000180

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

1. Open $DOMAIN_HOME/nodemanager/nodemanager.properties with an editor.

2. Search for the "ListenAddress" property.

3. Set the "ListenAddress" property to the CN of the Node Manager certificate, add the property if it does not exist.

Check Contents

1. Open $DOMAIN_HOME/nodemanager/nodemanager.properties with an editor.

2. Search for the "ListenAddress" property.

3. If the property does not exist or is not set to the CN of the Node Manager certificate, this is a finding.

Vulnerability Number

V-64599

Documentable

False

Rule Version

OH12-1X-000180

Severity Override Guidance

1. Open $DOMAIN_HOME/nodemanager/nodemanager.properties with an editor.

2. Search for the "ListenAddress" property.

3. If the property does not exist or is not set to the CN of the Node Manager certificate, this is a finding.

Check Content Reference

M

Target Key

2753

Comments