STIGQter: STIG Summary: HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 28 Jul 2017:

The CIM service must use DoD-approved encryption.

DISA Rule

SV-89333r1_rule

Vulnerability Number

V-74659

Group Title

SRG-OS-000423-GPOS-00187

Rule Version

HP3P-32-001006

Severity

CAT I

CCI(s)

• CCI-002418 - The information system protects the confidentiality and/or integrity of transmitted information.

Weight

10

Fix Recommendation

Disable unsecured CIM ports and enable secured CIM ports with the following command:

cli% setcim -http disable -https enable

Confirm the operation with "y"

Check Contents

Determine if the CIM service is running with proper encryption via the following command:

cli% showcim

If the CIM service is "Disabled" and the CIM service "State" is "Inactive", this requirement is not applicable.

If the output does not report the CIM HTTP value is "Disabled", this is a finding.

If the output does not report the CIM HPPTSPort value is "5989", this is a finding.

Vulnerability Number

V-74659

Documentable

False

Rule Version

HP3P-32-001006

Severity Override Guidance

Determine if the CIM service is running with proper encryption via the following command:

cli% showcim

If the CIM service is "Disabled" and the CIM service "State" is "Inactive", this requirement is not applicable.

If the output does not report the CIM HTTP value is "Disabled", this is a finding.

If the output does not report the CIM HPPTSPort value is "5989", this is a finding.

Check Content Reference

M

Target Key

3013

Comments