STIGQter: STIG Summary: Adobe ColdFusion 11 Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 26 Jan 2018:

ColdFusion must prohibit or restrict the use of nonsecure ports, protocols, modules, and/or services as defined in the PPSM CAL and vulnerability assessments.

DISA Rule

SV-76917r1_rule

Vulnerability Number

V-62427

Group Title

SRG-APP-000142-AS-000014

Rule Version

CF11-03-000107

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Reconfigure the services or data connections that are using an unapproved port to use an approved port.

Check Contents

Access the Administrator Console from a web browser. If a port is part of the URL, verify that the port used is an approved port.

Within the Administrator Console, navigate to each page under the "Data & Services" menu viewing the port settings for each connection and service.

If the Administrator Console or any "Data & Services" setting is not using an approved port, this is a finding.

Vulnerability Number

V-62427

Documentable

False

Rule Version

CF11-03-000107

Severity Override Guidance

Access the Administrator Console from a web browser. If a port is part of the URL, verify that the port used is an approved port.

Within the Administrator Console, navigate to each page under the "Data & Services" menu viewing the port settings for each connection and service.

If the Administrator Console or any "Data & Services" setting is not using an approved port, this is a finding.

Check Content Reference

M

Target Key

2661

Comments