IBM WebSphere Traditional V9.x Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The WebSphere Application Server plugin must be configured to use HTTPS only.
<VulnDiscussion>The Web server plug-in transmits information from the Web server to the Web container over HTTP by default. Extra steps must ...Rule Medium Severity -
SRG-APP-000454-AS-000268
<GroupDescription></GroupDescription>Group -
The WebSphere Application Server must remove organization-defined software components after updated versions have been installed.
<VulnDiscussion>By default, when updating WebSphere application server, the older version of binaries are saved in case a "roll back" is nece...Rule Medium Severity -
SRG-APP-000456-AS-000266
<GroupDescription></GroupDescription>Group -
The WebSphere Application Server must apply the latest security fixes.
<VulnDiscussion>Security vulnerabilities are often addressed by testing and applying the latest security patches and fix packs. Latest fixpac...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules