STIGQter: STIG Summary: General Purpose Operating System SRG Version: 1 Release: 6 Benchmark Date: 26 Jul 2019:

The operating system must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

DISA Rule

SV-71147r1_rule

Vulnerability Number

V-56887

Group Title

SRG-OS-000205-GPOS-00083

Rule Version

SRG-OS-000205-GPOS-00083

Severity

CAT II

CCI(s)

• CCI-001312 - The information system generates error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

Weight

10

Fix Recommendation

Configure the operating system to generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

Check Contents

Verify the operating system generates error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. If it does not, this is a finding.

Vulnerability Number

V-56887

Documentable

False

Rule Version

SRG-OS-000205-GPOS-00083

Severity Override Guidance

Verify the operating system generates error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. If it does not, this is a finding.

Check Content Reference

M

Target Key

2739

Comments