STIGQter

STIGQter: STIG Summary: APACHE 2.2 Site for UNIX Security Technical Implementation Guide Version: 1 Release: 11 Benchmark Date: 25 Jan 2019:

Java software on production web servers must be limited to class files and the JAVA virtual machine.

DISA Rule

SV-33032r1_rule

Vulnerability Number

V-2265

Group Title

WG490

Rule Version

WG490 A22

Severity

CAT III

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Remove the unnecessary files from the web server.

Check Contents

Enter the commands:

find / -name *.java

find / -name *.jpp

If either file type is found, this is a finding.

Vulnerability Number

V-2265

Documentable

False

Rule Version

WG490 A22

Severity Override Guidance

Enter the commands:

find / -name *.java

find / -name *.jpp

If either file type is found, this is a finding.

Check Content Reference

M

Responsibility

Web Administrator

Target Key

161

Comments