STIGQter: STIG Summary: Adobe ColdFusion 11 Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 26 Jan 2018:

ColdFusion must provide a clustering capability.

DISA Rule

SV-76967r1_rule

Vulnerability Number

V-62477

Group Title

SRG-APP-000225-AS-000154

Rule Version

CF11-05-000173

Severity

CAT II

CCI(s)

• CCI-001190 - The information system fails to an organization-defined known-state for organization-defined types of failures.

Weight

10

Fix Recommendation

Navigate to the "Cluster Manager" under the "Enterprise Manager" menu. Create a cluster by defining a name and adding it to the configured clusters. Edit the cluster to add available servers to the cluster and submit the changes to the cluster.

Check Contents

This requirement is dependent upon system mission criticality.

If the system is not mission critical and does not require redundancy, this finding is not applicable.

Within the Administrator Console, navigate to the "Cluster Manager" under the "Enterprise Manager" menu. Verify that there are configured clusters with more than 1 server in each cluster.

If there are no clusters defined or there is only one server in the cluster, this is a finding.

Vulnerability Number

V-62477

Documentable

False

Rule Version

CF11-05-000173

Severity Override Guidance

This requirement is dependent upon system mission criticality.

If the system is not mission critical and does not require redundancy, this finding is not applicable.

Within the Administrator Console, navigate to the "Cluster Manager" under the "Enterprise Manager" menu. Verify that there are configured clusters with more than 1 server in each cluster.

If there are no clusters defined or there is only one server in the cluster, this is a finding.

Check Content Reference

M

Target Key

2661

Comments