STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must map the authenticated identity to the individual user or group account for PKI-based authentication.

DISA Rule

SV-204756r508029_rule

Vulnerability Number

V-204756

Group Title

SRG-APP-000177

Rule Version

SRG-APP-000177-AS-000126

Severity

CAT II

CCI(s)

• CCI-000187 - The information system, for PKI-based authentication, maps the authenticated identity to the account of the individual or group.

Weight

10

Fix Recommendation

Configure the application server to utilize the DoD Enterprise PKI infrastructure.

Check Contents

Review application server documentation to ensure the application server provides a PKI integration capability that meets DoD PKI infrastructure requirements.

If the application server is not configured to meet this requirement, this is a finding.

Vulnerability Number

V-204756

Documentable

False

Rule Version

SRG-APP-000177-AS-000126

Severity Override Guidance

Review application server documentation to ensure the application server provides a PKI integration capability that meets DoD PKI infrastructure requirements.

If the application server is not configured to meet this requirement, this is a finding.

Check Content Reference

M

Target Key

2900

Comments