STIGQter: STIG Summary: ISEC7 Sphere Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The Apache Tomcat shutdown port must be disabled.

DISA Rule

SV-224789r505933_rule

Vulnerability Number

V-224789

Group Title

SRG-APP-000380

Rule Version

ISEC-06-551300

Severity

CAT II

CCI(s)

• CCI-001813 - The information system enforces access restrictions.

Weight

10

Fix Recommendation

Log in to the EMM Suite server.
Browse to Program Files\Isec7 EMM Suite\Tomcat\Conf
Open the server.xml with Notepad.exe
Select Edit >> Find and search for Shutdown.
Change the shutdown to -1

example: shutdown=-1

Save the file and restart the Isec7 EMM Suite Web service with the services.msc

Check Contents

Verify the shutdown port is disabled.

Log in to the EMM Suite server.
Browse to Program Files\Isec7 EMM Suite\Tomcat\Conf
Open the server.xml with Notepad.exe
Select Edit >> Find and search for Shutdown.
Verify that the shutdown port has been disabled with below entry:

shutdown="-1"

If the shutdown port has not been disabled, this is a finding.

Vulnerability Number

V-224789

Documentable

False

Rule Version

ISEC-06-551300

Severity Override Guidance

Verify the shutdown port is disabled.

Log in to the EMM Suite server.
Browse to Program Files\Isec7 EMM Suite\Tomcat\Conf
Open the server.xml with Notepad.exe
Select Edit >> Find and search for Shutdown.
Verify that the shutdown port has been disabled with below entry:

shutdown="-1"

If the shutdown port has not been disabled, this is a finding.

Check Content Reference

M

Target Key

4200

Comments