STIGQter: STIG Summary: IBM MQ Appliance V9.0 AS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The MQ Appliance must automatically terminate a WebGUI user session after 600 seconds of idle time.

DISA Rule

SV-89487r1_rule

Vulnerability Number

V-74813

Group Title

SRG-APP-000295-AS-000263

Rule Version

MQMH-AS-000720

Severity

CAT II

CCI(s)

• CCI-002361 - The information system automatically terminates a user session after organization-defined conditions or trigger events requiring session disconnect.

Weight

10

Fix Recommendation

Log on to the MQ Appliance CLI as a privileged user.

To access the MQ Appliance CLI, enter:
mqcli

To enter configuration mode, enter:
co
web-mgmt
idle-timeout <600 seconds or less>
exit
write mem
y

Check Contents

Log on to the MQ Appliance CLI as a privileged user.

To access the MQ Appliance CLI, enter:
mqcli

To enter configuration mode, enter:
co
web-mgmt
show

If the idle-timeout value is not "600" seconds or less, this is a finding.

Vulnerability Number

V-74813

Documentable

False

Rule Version

MQMH-AS-000720

Severity Override Guidance

Log on to the MQ Appliance CLI as a privileged user.

To access the MQ Appliance CLI, enter:
mqcli

To enter configuration mode, enter:
co
web-mgmt
show

If the idle-timeout value is not "600" seconds or less, this is a finding.

Check Content Reference

M

Target Key

3239

Comments