The application must ensure messages are encrypted when the SessionIndex is tied to privacy data.

An XCCDF Rule

Details
Profiles

Description

When the SessionIndex is tied to privacy data (e.g., attributes containing privacy data) the message should be encrypted. If the message is not encrypted there is the possibility of compromise of privacy data.

ID: SV-222406r960759_rule
Version: APSC-DV-000260
Severity: Medium
References: CCI-000068
Updated: about 2 months ago

Remediation Templates

Encrypt messages when the SessionIndex is tied to privacy data.

The application must ensure messages are encrypted when the SessionIndex is tied to privacy data.

Description

Remediation Templates

A Manual Procedure