STIGQter: STIG Summary: Tanium 7.0 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 July 2018:

The Tanium Server certificates must have Extended Key Usage entries for the serverAuth object TLS Web Server Authentication and the clientAuth object TLS Web Client Authentication.

DISA Rule

SV-93393r1_rule

Vulnerability Number

V-78687

Group Title

SRG-APP-000175

Rule Version

TANS-SV-000020

Severity

CAT II

CCI(s)

CCI-000185 - The information system, for PKI-based authentication, validates certifications by constructing and verifying a certification path to an accepted trust anchor including checking certificate status information.

Weight

Fix Recommendation

Request or regenerate the certificate being used to include both the "Server Authentication" and "Client Authentication" objects.

Check Contents

Access the Tanium Server interactively.

Log on with an account with administrative privileges to the server.

Navigate to Program Files >> Tanium >> Tanium Server.

Locate the SOAPServer.crt file.

Double-click on the file to open the certificate.

Select the "Details" tab.

Scroll down through the details to find and select the "Enhanced Key Usage" Field.

If there is no "Enhanced Key Usage" field, this is a finding.

In the bottom screen, verify "Server Authentication" and "Client Authentication" are both identified.

If "Server Authentication" and "Client Authentication" are not both identified, this is a finding.

The Tanium Server certificates must have Extended Key Usage entries for the serverAuth object TLS Web Server Authentication and the clientAuth object TLS Web Client Authentication.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments