Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Application Security and Development Security Technical Implementation Guide
SRG-APP-000516
Access privileges to the Configuration Management (CM) repository must be reviewed every three months.
Access privileges to the Configuration Management (CM) repository must be reviewed every three months.
An XCCDF Rule
Details
Profiles
Prose
Access privileges to the Configuration Management (CM) repository must be reviewed every three months.
Medium Severity
<VulnDiscussion>A Configuration Management (CM) repository is used to manage application code versions and to securely store application code. Incorrect access privileges to the CM repository can lead to malicious code or unintentional code being introduced into the application. This requirement is intended to be applied to application developers or organizations responsible for code management or who have and operate an application CM repository.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>