Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
CA API Gateway ALG Security Technical Implementation Guide
SRG-NET-000288-ALG-000109
SRG-NET-000288-ALG-000109
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-NET-000288-ALG-000109
1 Rule
<GroupDescription></GroupDescription>
The CA API Gateway providing content filtering must block or restrict detected prohibited mobile code.
Medium Severity
<VulnDiscussion>Mobile code is defined as software modules obtained from remote systems, transferred across a network, and then downloaded and executed on a local system without explicit installation or execution by the recipient. This applies to mobile code that may originate either internal to or external from the enclave. Mobile code is defined as software modules obtained from remote systems, transferred across a network, and then downloaded and executed on a local system without explicit installation or execution by the recipient. Mobile code that must be blocked or restricted is identified in CCI-001166. The CA API Gateway must block against code injection and SQL injection attacks, helping to block any mobile code that is exhibiting unusual behavior, such as the injection of incorrect code or wrongly formatted SQL statements, and that may be prohibited from use due to these anomalies.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>