STIGQter: STIG Summary: IBM WebSphere Traditional V9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2018:

The WebSphere Application Server Quality of Protection (QoP) must be set to use TLSv1.2 or higher.

DISA Rule

SV-95929r1_rule

Vulnerability Number

V-81215

Group Title

SRG-APP-000014-AS-000009

Rule Version

WBSP-AS-000160

Severity

CAT II

CCI(s)

• CCI-000068 - The information system implements cryptographic mechanisms to protect the confidentiality of remote access sessions.

Weight

10

Fix Recommendation

From the administrative console, navigate to Security >> SSL certificate and key management.

Click "SSL configurations".

Click on each SSL configuration.

Under "Additional Properties", click "Quality of protection (QoP)" settings.

At the "Protocol" pull-down menu, select "TLSv1.2 or greater".

Click "OK".

Click "Save".

Restart the DMGR and all the JVMs.

Check Contents

From the administrative console, navigate to Security >> SSL certificate and key management.

Click "SSL configurations".

Click on each SSL configuration to review.

Under "Additional Properties", click "Quality of protection (QoP)" settings.

If the "Protocol" field does not show "TLSv1.2 or greater", this is a finding.

Vulnerability Number

V-81215

Documentable

False

Rule Version

WBSP-AS-000160

Severity Override Guidance

From the administrative console, navigate to Security >> SSL certificate and key management.

Click "SSL configurations".

Click on each SSL configuration to review.

Under "Additional Properties", click "Quality of protection (QoP)" settings.

If the "Protocol" field does not show "TLSv1.2 or greater", this is a finding.

Check Content Reference

M

Target Key

3399

Comments