STIGQter: STIG Summary: Mozilla Firefox Security Technical Implementation Guide Version: 5 Release: 1 Benchmark Date: 22 Jan 2021:

FireFox is configured to use a password store with or without a master password.

DISA Rule

SV-223162r612236_rule

Vulnerability Number

V-223162

Group Title

SRG-APP-000141

Rule Version

DTBF160

Severity

CAT II

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Ensure the preference “signon.rememberSignons“ is set and locked to the value of “false”.

Check Contents

Type "about:config" in the browser window. Verify that the preference name “signon.rememberSignons" is set and locked to “false”.

Criteria: If the parameter is set incorrectly, then this is a finding.

If the setting is not locked, then this is a finding.

Vulnerability Number

V-223162

Documentable

False

Rule Version

DTBF160

Severity Override Guidance

Type "about:config" in the browser window. Verify that the preference name “signon.rememberSignons" is set and locked to “false”.

Criteria: If the parameter is set incorrectly, then this is a finding.

If the setting is not locked, then this is a finding.

Check Content Reference

M

Target Key

4097

Comments