The BlackBerry UEM server Blackberry Web Services must not be authorized access from external sources unnecessarily.
An XCCDF Rule
Description
<VulnDiscussion>By limiting access to the subset of Administrator UI functions to internal administrators, the risk of an attacker developing a custom application to administer UEM potentially changing pre-configuration items in UEM is reduced SFR ID: FMT_SMF.1.1(2) b / CM-7 b Satisfies: SRG-APP-000142</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-224387r604136_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure BlackBerry UEM server Blackberry Web Services to block access by unnecessary to external sources (default configuration).
1. Access the UEM Server console.
2. On the left bar, access Settings >> General Settings >> Blackberry Web Services access.
3. If the status is not set to "disabled", change the status to "disabled" unless access has been approved by the ISSM.