STIGQter: STIG Summary: Adobe ColdFusion 11 Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 26 Jan 2018:

ColdFusion must have example collections removed.

DISA Rule

SV-76937r1_rule

Vulnerability Number

V-62447

Group Title

SRG-APP-000141-AS-000095

Rule Version

CF11-03-000118

Severity

CAT II

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Remove the sample collections by navigating to the "ColdFusion Collections" page under the "Data & Services" menu. Delete the bookclub collection.

Check Contents

Several sample services are installed with the ColdFusion server. From the Administrator Console, go to the "ColdFusion Collections" page under the "Data & Services" menu.

If the bookclub collection exists, this is a finding.

Vulnerability Number

V-62447

Documentable

False

Rule Version

CF11-03-000118

Severity Override Guidance

Several sample services are installed with the ColdFusion server. From the Administrator Console, go to the "ColdFusion Collections" page under the "Data & Services" menu.

If the bookclub collection exists, this is a finding.

Check Content Reference

M

Target Key

2661

Comments