ISEC7 EMM Suite v6.x Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000439
Group -
SRG-APP-000383
Group -
SRG-APP-000383
Group -
Stack tracing must be disabled in Apache Tomcat.
The default error page shows a full stack trace, which is a disclosure of sensitive information. Removal of unneeded or non-secure functions, ports, protocols, and services mitigate the risk of una...Rule Medium Severity -
SRG-APP-000380
Group -
The Apache Tomcat shutdown port must be disabled.
Tomcat uses a port (defaults to 8005) as a shutdown port. Someone could Telnet to the machine using this port and send the default command SHUTDOWN. Tomcat and all web apps would shut down in that ...Rule Medium Severity -
SRG-APP-000380
Group -
The ISEC7 EMM Suite must remove any unnecessaryusers or groups that have permissions to the server.xml file in Apache Tomcat.
Tomcat uses a port (defaults to 8005) as a shutdown port. Someone could Telnet to the machine using this port and send the default command SHUTDOWN. Tomcat and all web apps would shut down in that ...Rule Medium Severity -
SRG-APP-000090
Group -
A manager role must be assigned to the Apache Tomcat Web apps (Manager, Host-Manager).
If a manager role is not assigned to the Apache Tomcat web apps, the system administrator will not be able to manage and configure the web apps and security setting may not be configured correctly,...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules