STIGQter: STIG Summary: Web Server Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 26 Apr 2019:

A web server utilizing mobile code must meet DoD-defined mobile code requirements.

DISA Rule

SV-70273r2_rule

Vulnerability Number

V-56019

Group Title

SRG-APP-000206-WSR-000128

Rule Version

SRG-APP-000206-WSR-000128

Severity

CAT II

CCI(s)

• CCI-001166 - The information system identifies organization-defined unacceptable mobile code.

Weight

10

Fix Recommendation

Configure the web server to follow the DoD policies on mobile code.

Check Contents

Review the web server documentation and deployed configuration to determine whether mobile code used by hosted applications follows the DoD policies on the acquisition, development, and/or use of mobile code.

If the web server is not configured to follow the DoD policies on mobile code, this is a finding.

Vulnerability Number

V-56019

Documentable

False

Rule Version

SRG-APP-000206-WSR-000128

Severity Override Guidance

Review the web server documentation and deployed configuration to determine whether mobile code used by hosted applications follows the DoD policies on the acquisition, development, and/or use of mobile code.

If the web server is not configured to follow the DoD policies on mobile code, this is a finding.

Check Content Reference

M

Target Key

2557

Comments