STIGQter: STIG Summary: Adobe ColdFusion 11 Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 26 Jan 2018

ColdFusion must control remote access to Exposed Services.

DISA Rule

SV-76851r1_rule

Vulnerability Number

V-62361

Group Title

SRG-APP-000315-AS-000094

Rule Version

CF11-01-000017

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Navigate to the "Allowed IP Addresses" page under the "Security" menu. Remove all entries from the list under the "Allowed IP Addresses for Exposed Services" section that do not require access to ColdFusion services.

Check Contents

Within the Administrator Console, navigate to the "Allowed IP Addresses" page under the "Security" menu. If there are any entries in the "Allowed IP Addresses for Exposed Services" section, validate with the SA that the IP addresses and subnets specified require access.

If any of the IP addresses or subnets specified do not require access, this is a finding.

Documentable

False

Severity Override Guidance

Within the Administrator Console, navigate to the "Allowed IP Addresses" page under the "Security" menu. If there are any entries in the "Allowed IP Addresses for Exposed Services" section, validate with the SA that the IP addresses and subnets specified require access.

If any of the IP addresses or subnets specified do not require access, this is a finding.

Check Content Reference

M

Target Key

2661
