STIGQter: STIG Summary: Java Runtime Environment (JRE) version 8 STIG for Windows Version: 1 Release: 5 Benchmark Date: 26 Jan 2018: Oracle JRE 8 must default to the most secure built-in setting.

DISA Rule

SV-81435r2_rule

Vulnerability Number

V-66945

Group Title

SRG-APP-000516

Rule Version

JRE8-WN-000060

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Navigate to the system-level "deployment.properties" file for JRE.

Add the key "deployment.security.level=VERY_HIGH" to the "deployment.properties" file.

Add the key "deployment.security.level.locked" to the "deployment.properties" file.

Check Contents

Navigate to the system-level "deployment.properties" file for JRE.

<Windows Directory>\Sun\Java\Deployment\deployment.properties
- or -
<JRE Installation Directory>\Lib\deployment.properties

If the key "deployment.security.level=VERY_HIGH" is not present in the "deployment.properties file", or is set to "HIGH", this is a finding.

If the key "deployment.security.level.locked" is not present in the "deployment.properties" file, this is a finding.

Vulnerability Number

V-66945

Documentable

False

Rule Version

JRE8-WN-000060

Severity Override Guidance

Navigate to the system-level "deployment.properties" file for JRE.

<Windows Directory>\Sun\Java\Deployment\deployment.properties
- or -
<JRE Installation Directory>\Lib\deployment.properties

If the key "deployment.security.level=VERY_HIGH" is not present in the "deployment.properties file", or is set to "HIGH", this is a finding.

If the key "deployment.security.level.locked" is not present in the "deployment.properties" file, this is a finding.

Check Content Reference

M

Target Key

3045

Comments