Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Apple iOS/iPadOS 18 Security Technical Implementation Guide
PP-MDF-993300
PP-MDF-993300
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
PP-MDF-993300
1 Rule
<GroupDescription></GroupDescription>
Apple iOS/iPadOS 18 must implement the management setting: require passcode for incoming Airplay connection requests.
Low Severity
<VulnDiscussion>When an incoming AirPlay request is allowed without a password, it may mistakenly associate the iPhone and iPad with an AirPlay-enabled device other than the one intended (i.e., by choosing the wrong one from the AirPlay list displayed). This creates the potential for someone in control of a mistakenly associated device to obtain DOD sensitive information without authorization. Requiring a password before such an association mitigates this risk. Passwords do not require any administration and are not required to comply with any complexity requirements. SFRID: FMT_SMF.1.1 #40</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>