STIGQter: STIG Summary: IBM WebSphere Traditional V9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2018:

The WebSphere Application Server must prohibit or restrict the use of nonsecure ports, protocols, modules, and/or services as defined in the PPSM CAL and vulnerability assessments.

DISA Rule

SV-96007r1_rule

Vulnerability Number

V-81293

Group Title

SRG-APP-000142-AS-000014

Rule Version

WBSP-AS-000980

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Ensure all available ports are registered with PPSM.

Check Contents

In the administrative console, click Servers >> All Servers.

Select each [server_name].

Select >> Ports.

Confirm server ports are registered with PPSM.

Navigate to System Administration >> Deployment Manager >> Ports.

Confirm ports are registered with PPSM.

Navigate to System Administration >> node agents.

For each [node agent], select >> Ports.

Confirm ports are registered with PPSM.

If any of available ports are not registered with PPSM, or if those ports to be connected through the firewall are not approved by PPSM, this is a finding.

Vulnerability Number

V-81293

Documentable

False

Rule Version

WBSP-AS-000980

Severity Override Guidance

In the administrative console, click Servers >> All Servers.

Select each [server_name].

Select >> Ports.

Confirm server ports are registered with PPSM.

Navigate to System Administration >> Deployment Manager >> Ports.

Confirm ports are registered with PPSM.

Navigate to System Administration >> node agents.

For each [node agent], select >> Ports.

Confirm ports are registered with PPSM.

If any of available ports are not registered with PPSM, or if those ports to be connected through the firewall are not approved by PPSM, this is a finding.

Check Content Reference

M

Target Key

3399

Comments