STIGQter: STIG Summary: IBM WebSphere Traditional V9.x Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 23 Aug 2018

The WebSphere Application Server users in the WebSphere auditor role must be configured in accordance with the System Security Plan.

DISA Rule

SV-95921r1_rule

Vulnerability Number

V-81207

Group Title

SRG-APP-000016-AS-000013

Rule Version

WBSP-AS-000090

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

In the administrative console, navigate to Users and Groups >> Administrative User roles.

If an unauthorized user is in the auditor role, remove the user from the auditor role.

Restart the DMGR and all the JVMs.

Check Contents

Review System Security Plan documentation.

Identify users and roles.

In the administrative console, navigate to Users and Groups >> Administrative User Roles.

Check the roles for each user.

If any user is not authorized by the ISSO/ISSM to be in the role of an auditor, this is a finding.

Documentable

False

Severity Override Guidance

Review System Security Plan documentation.

Identify users and roles.

In the administrative console, navigate to Users and Groups >> Administrative User Roles.

Check the roles for each user.

If any user is not authorized by the ISSO/ISSM to be in the role of an auditor, this is a finding.

Check Content Reference

M

Target Key

3399

Comments