STIGQter STIGQter: STIG Summary: Application Security and Development Security Technical Implementation Guide Version: 4 Release: 9 Benchmark Date: 25 Jan 2019: An XML firewall function must be deployed to protect web services when exposed to untrusted networks.

DISA Rule

SV-84865r1_rule

Vulnerability Number

V-70243

Group Title

APSC-DV-002420

Rule Version

APSC-DV-002420

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Deploy an XML firewall functionality to protect web services.

Check Contents

Review the system documentation and interview the application and system administrators.

Verify XML-based web services are used within the application.

If no XML-based web services are used in the application, this requirement is not applicable.

If the web service is not exposed to an untrusted network or boundary, this requirement is not applicable.

If XML-based web services are used within the application, ask the application representative for a network diagram identifying the XML firewall function placement.

Review the network diagrams and determine if any web services are exposed to untrusted networks like the Internet.

Verify an XML firewall function exists and firewall rules are implemented to protect the web services.

If network diagrams do not exist or all web services exposed to untrusted networks are not protected by the XML firewall functionality, this is a finding.

Vulnerability Number

V-70243

Documentable

False

Rule Version

APSC-DV-002420

Severity Override Guidance

Review the system documentation and interview the application and system administrators.

Verify XML-based web services are used within the application.

If no XML-based web services are used in the application, this requirement is not applicable.

If the web service is not exposed to an untrusted network or boundary, this requirement is not applicable.

If XML-based web services are used within the application, ask the application representative for a network diagram identifying the XML firewall function placement.

Review the network diagrams and determine if any web services are exposed to untrusted networks like the Internet.

Verify an XML firewall function exists and firewall rules are implemented to protect the web services.

If network diagrams do not exist or all web services exposed to untrusted networks are not protected by the XML firewall functionality, this is a finding.

Check Content Reference

M

Target Key

3009

Comments