Silent Authentication must be removed from the Default Management Security Realm.

An XCCDF Rule

Description

<VulnDiscussion>Silent Authentication is a configuration setting that allows local OS users access to the JBoss server and a wide range of operations without specifically authenticating on an individual user basis. By default $localuser is a Superuser. This introduces an integrity and availability vulnerability and violates best practice requirements regarding accountability.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-213501r960792_rule
Severity: High
References: CCI-000213
Updated: 17 days ago

Log on to the OS of the JBoss server with OS permissions that allow access to JBoss. 
Using the relevant OS commands and syntax, cd to the <JBOSS_HOME>/bin/ folder. 
Run the jboss-cli script. 
Connect to the server and authenticate. 

Remove the local element from the Management Realm.For standalone servers run the following command:
/core-service=management/security-realm=
ManagementRealm/authentication=local:remove

For managed domain installations run the following command:
/host=HOST_NAME/core-service=management/security-realm=
ManagementRealm/authentication=local:remove

Silent Authentication must be removed from the Default Management Security Realm.

Description

Remediation - Manual Procedure