STIGQter: STIG Summary: VMW vRealize Automation 7.x HA Proxy Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

HAProxy libraries, and configuration files must only be accessible to privileged users.

DISA Rule

SV-99847r1_rule

Vulnerability Number

V-89197

Group Title

SRG-APP-000380-WSR-000072

Rule Version

VRAU-HA-000390

Severity

CAT II

CCI(s)

• CCI-001813 - The information system enforces access restrictions.

Weight

10

Fix Recommendation

Navigate to any listed files with incorrect permissions or ownership and set them in accordance with site policy.

Check Contents

At the command prompt, execute the following command:

ls -alR /etc/haproxy /etc/init.d/haproxy /usr/sbin/haproxy

If any configuration or application files have permissions greater than "750" or are not owned by "root", this is a finding.

Vulnerability Number

V-89197

Documentable

False

Rule Version

VRAU-HA-000390

Severity Override Guidance

At the command prompt, execute the following command:

ls -alR /etc/haproxy /etc/init.d/haproxy /usr/sbin/haproxy

If any configuration or application files have permissions greater than "750" or are not owned by "root", this is a finding.

Check Content Reference

M

Target Key

3455

Comments