STIGQter: STIG Summary: Adobe ColdFusion 11 Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 26 Jan 2018:

ColdFusion must control remote access to the Administrator Console.

DISA Rule

SV-76849r1_rule

Vulnerability Number

V-62359

Group Title

SRG-APP-000315-AS-000094

Rule Version

CF11-01-000016

Severity

CAT II

CCI(s)

• CCI-002314 - The information system controls remote access methods.

Weight

10

Fix Recommendation

Navigate to the "Allowed IP Addresses" page under the "Security" menu. Set the list of allowed IP addresses for accessing ColdFusion Administrator to only those IP addresses or subnets that should be capable of reaching the Administrator Console.

Check Contents

Within the Administrator Console, navigate to the "Allowed IP Addresses" page under the "Security" menu.

If the list of allowed IP addresses for accessing the ColdFusion Administrator is blank, is set to "*.*.*.*" or contains IP addresses/subnets that should not have access, this is a finding.

Vulnerability Number

V-62359

Documentable

False

Rule Version

CF11-01-000016

Severity Override Guidance

Within the Administrator Console, navigate to the "Allowed IP Addresses" page under the "Security" menu.

If the list of allowed IP addresses for accessing the ColdFusion Administrator is blank, is set to "*.*.*.*" or contains IP addresses/subnets that should not have access, this is a finding.

Check Content Reference

M

Target Key

2661

Comments