STIGQter: STIG Summary: Application Layer Gateway (ALG) Security Requirements Guide (SRG) Version: 1 Release: 2 Benchmark Date: 24 Jul 2015:

The ALG must check the validity of all data inputs except those specifically identified by the organization.

DISA Rule

SV-68891r1_rule

Vulnerability Number

V-54645

Group Title

SRG-NET-000401-ALG-000127

Rule Version

SRG-NET-000401-ALG-000127

Severity

CAT II

CCI(s)

• CCI-001310 - The information system checks the validity of organization-defined inputs.

Weight

10

Fix Recommendation

Configure the ALG to check the validity of all data inputs except those specifically identified by the organization.

Check Contents

Verify the ALG checks the validity of all data inputs except those specifically identified by the organization.

If the ALG does not check the validity of all data inputs except those specifically identified by the organization, this is a finding.

Vulnerability Number

V-54645

Documentable

False

Rule Version

SRG-NET-000401-ALG-000127

Severity Override Guidance

Verify the ALG checks the validity of all data inputs except those specifically identified by the organization.

If the ALG does not check the validity of all data inputs except those specifically identified by the organization, this is a finding.

Check Content Reference

M

Target Key

2489

Comments