STIGQter: STIG Summary: BlackBerry UEM Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The BlackBerry UEM server Blackberry Web Services must not be authorized access from external sources unnecessarily.

DISA Rule

SV-224387r604136_rule

Vulnerability Number

V-224387

Group Title

PP-MDM-991000

Rule Version

BUEM-00-200280

Severity

CAT II

CCI(s)

CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

Fix Recommendation

Configure BlackBerry UEM server Blackberry Web Services to block access by unnecessary to external sources (default configuration).

1. Access the UEM Server console.
2. On the left bar, access Settings >> General Settings >> Blackberry Web Services access.
3. If the status is not set to "disabled", change the status to "disabled" unless access has been approved by the ISSM.

Check Contents

Verify BlackBerry UEM server Blackberry Web Services has not been configured to allow access from external sources unnecessarily.

1. Log in to the UEM Server console.
2. On the left bar, access Settings >> General Settings >> Blackberry Web Services access.
3. Verify the status has not changed from disabled unless the ISSM has approved access.

If BlackBerry UEM server Blackberry Web Services has not disabled access from external sources unnecessarily without ISSM approval, this is a finding.

Vulnerability Number

V-224387

Documentable

False

Rule Version

BUEM-00-200280

Severity Override Guidance

Check Content Reference

Target Key

4134

The BlackBerry UEM server Blackberry Web Services must not be authorized access from external sources unnecessarily.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments