STIGQter: STIG Summary: IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The MQ Appliance network device must enforce a minimum 15-character password length.

DISA Rule

SV-89623r1_rule

Vulnerability Number

V-74949

Group Title

SRG-APP-000164-NDM-000252

Rule Version

MQMH-ND-000560

Severity

CAT II

CCI(s)

• CCI-000205 - The information system enforces minimum password length.

Weight

10

Fix Recommendation

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Set Authentication Method to LDAP.

Configure the LDAP server connection as required.

Expand Password Policy.

In Password Policy, set minimum password length to 15.

Check Contents

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Verify the Authentication Method is set to LDAP.

Expand Password Policy.

Verify the (local) Password Policy for the Fallback user minimum length is set to 15.

If MQ is not set to LDAP authentication or if the local password policy is not configured to meet the requirement, this is a finding.

Vulnerability Number

V-74949

Documentable

False

Rule Version

MQMH-ND-000560

Severity Override Guidance

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Verify the Authentication Method is set to LDAP.

Expand Password Policy.

Verify the (local) Password Policy for the Fallback user minimum length is set to 15.

If MQ is not set to LDAP authentication or if the local password policy is not configured to meet the requirement, this is a finding.

Check Content Reference

M

Target Key

3243

Comments