STIGQter: STIG Summary: Mozilla Firefox Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 22 Jan 2021:

Firefox must be configured to allow only TLS.

DISA Rule

SV-223152r612236_rule

Vulnerability Number

V-223152

Group Title

SRG-APP-000560

Rule Version

DTBF030

Severity

CAT II

CCI(s)

• CCI-001453 - The information system implements cryptographic mechanisms to protect the integrity of remote access sessions.

Weight

10

Fix Recommendation

Configure the following parameters using the Mozilla.cfg file:

LockPref "security.tls.version.min" is set to "2".
LockPref "security.tls.version.max" is set to "4".

Check Contents

Open a browser window, type "about:config" in the address bar.

Verify Preference Name "security.tls.version.min" is set to the value "2" and locked.
Verify Preference Name "security.tls.version.max" is set to the value "4" and locked.

Criteria: If the parameters are set incorrectly, this is a finding.

If the settings are not locked, this is a finding.

Vulnerability Number

V-223152

Documentable

False

Rule Version

DTBF030

Severity Override Guidance

Open a browser window, type "about:config" in the address bar.

Verify Preference Name "security.tls.version.min" is set to the value "2" and locked.
Verify Preference Name "security.tls.version.max" is set to the value "4" and locked.

Criteria: If the parameters are set incorrectly, this is a finding.

If the settings are not locked, this is a finding.

Check Content Reference

M

Target Key

4097

Comments