Skip to content
Catalogs
XCCDF
Red Hat Ansible Automation Controller Web Server Security Technical Implementation Guide
SRG-APP-000014-WSR-000006
The Automation Controller servers must use encrypted communication for all channels given the high impact of those services to an organization's infrastructure.
The Automation Controller servers must use encrypted communication for all channels given the high impact of those services to an organization's infrastructure. An XCCDF Rule
The Automation Controller servers must use encrypted communication for all channels given the high impact of those services to an organization's infrastructure.
Medium Severity
<VulnDiscussion>The Automation Controller communicates information about configuration of other information systems through its web interface and API, storing records about this information in a database. Although large portions are sanitized of sensitive information, due to the nature of this kind of information, it must always be maximally protected. Leaked details of configuration for DOD enterprise information systems could lead to compromise, so all access to and from the Automation Controller servers must be encrypted.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>