The DataPower Gateway must not use 0.0.0.0 as the management IP address.

An XCCDF Rule

Description

<VulnDiscussion>If 0.0.0.0 as the management IP address, the DataPower appliance will listen on all configured interfaces for management traffic. This can allow an attacker to gain privileged-level access from an untrusted network.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-79679r1_rule
Severity: Medium
References: CCI-001368
Updated: about 1 year ago

To configure the DataPower appliance for web management:

Using an administrator account, log on to the default domain of the appliance.

On the Configure Web Management Service screen, complete the required information.
Set the Administrative state to “enabled”.

For the Local Address, use the IP address from the management subnet assigned to the unit.

The DataPower Gateway must not use 0.0.0.0 as the management IP address.

Description

Remediation - Manual Procedure