STIGQter: STIG Summary: IBM WebSphere Traditional V9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2018:

The WebSphere Application Server must shut down by default upon log failure (unless availability is an overriding concern).

DISA Rule

SV-95963r1_rule

Vulnerability Number

V-81249

Group Title

SRG-APP-000109-AS-000068

Rule Version

WBSP-AS-000660

Severity

CAT III

CCI(s)

• CCI-000140 - The information system takes organization-defined actions upon audit failure (e.g., shut down information system, overwrite oldest audit records, stop generating audit records).

Weight

10

Fix Recommendation

In the admin console click Security >> Security Auditing.

Set "Audit subsystem failure action" to "Terminate".

Restart the DMGR and all JVMs.

Check Contents

If the System Security Plan documentation specifies system availability is an overriding concern, this requirement is NA.

In the admin console click Security >> Security Auditing.

If "Audit subsystem failure action" is not set to "Terminate", this is a finding.

Vulnerability Number

V-81249

Documentable

False

Rule Version

WBSP-AS-000660

Severity Override Guidance

If the System Security Plan documentation specifies system availability is an overriding concern, this requirement is NA.

In the admin console click Security >> Security Auditing.

If "Audit subsystem failure action" is not set to "Terminate", this is a finding.

Check Content Reference

M

Target Key

3399

Comments