Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Application Server Security Requirements Guide
SRG-APP-000509
The application server must generate log records for all account creations, modifications, disabling, and termination events.
The application server must generate log records for all account creations, modifications, disabling, and termination events.
An XCCDF Rule
Details
Profiles
Prose
The application server must generate log records for all account creations, modifications, disabling, and termination events.
Medium Severity
<VulnDiscussion>The maintenance of user accounts is a key activity within the system to determine access and privileges. Through changes to accounts, an attacker can create an account for persistent access, modify an account to elevate privileges or terminate/disable an account(s) to cause a DoS for user(s). To be able to track and investigate these actions, log records must be generated for any account modification functions. Application servers either provide a local user store, or they can integrate with enterprise user stores like LDAP. As such, the application server must be able to generate log records on account creation, modification, disabling, and termination.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>