STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must use multifactor authentication for network access to privileged accounts.

DISA Rule

SV-204746r508029_rule

Vulnerability Number

V-204746

Group Title

SRG-APP-000149

Rule Version

SRG-APP-000149-AS-000102

Severity

CAT II

CCI(s)

• CCI-000765 - The information system implements multifactor authentication for network access to privileged accounts.

Weight

10

Fix Recommendation

Configure the application server to authenticate privileged users via multifactor authentication for network access to the management interface.

Check Contents

Review the application server configuration to ensure the system is authenticating via multifactor authentication for privileged users.

If all aspects of application server web management interfaces are not authenticating privileged users via multifactor authentication methods, this is a finding.

Vulnerability Number

V-204746

Documentable

False

Rule Version

SRG-APP-000149-AS-000102

Severity Override Guidance

Review the application server configuration to ensure the system is authenticating via multifactor authentication for privileged users.

If all aspects of application server web management interfaces are not authenticating privileged users via multifactor authentication methods, this is a finding.

Check Content Reference

M

Target Key

2900

Comments