STIGQter: STIG Summary: Oracle HTTP Server 12.1.3 Security Technical Implementation Guide Version: 1 Release: 7 Benchmark Date: 24 Jul 2020:

All utility programs, not necessary for operations, must be removed or disabled.

DISA Rule

SV-79157r1_rule

Vulnerability Number

V-64667

Group Title

SRG-APP-000516-WSR-000174

Rule Version

OH12-1X-000215

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Remove any software that is unnecessary for OHS operation, other organization requirements, or is not appropriately patched or supported.

Check Contents

1. Check the server for software that is unnecessary for OHS operation.

2. If the software is unnecessary for OHS, other organization requirements, or is not appropriately patched or supported, this is a finding.

Vulnerability Number

V-64667

Documentable

False

Rule Version

OH12-1X-000215

Severity Override Guidance

1. Check the server for software that is unnecessary for OHS operation.

2. If the software is unnecessary for OHS, other organization requirements, or is not appropriately patched or supported, this is a finding.

Check Content Reference

M

Target Key

2753

Comments