STIGQter: STIG Summary: Unified Endpoint Management Server Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM server must be configured to use X.509v3 certificates for code signing for system software updates.

DISA Rule

SV-234574r617355_rule

Vulnerability Number

V-234574

Group Title

SRG-APP-000427

Rule Version

SRG-APP-000427-UEM-000299

Severity

CAT II

CCI(s)

• CCI-002470 - The information system only allows the use of organization-defined certificate authorities for verification of the establishment of protected sessions.

Weight

10

Fix Recommendation

Configure the UEM server to use X.509v3 certificates for code signing for system software updates.

Check Contents

Verify the UEM server uses X.509v3 certificates for code signing for system software updates.

If the UEM server does not use X.509v3 certificates for code signing for system software updates, this is a finding.

Vulnerability Number

V-234574

Documentable

False

Rule Version

SRG-APP-000427-UEM-000299

Severity Override Guidance

Verify the UEM server uses X.509v3 certificates for code signing for system software updates.

If the UEM server does not use X.509v3 certificates for code signing for system software updates, this is a finding.

Check Content Reference

M

Target Key

5269

Comments