
No profile (default benchmark)

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000439-AS-000274

    Group
  • The WebSphere Application Server must remove all export ciphers to protect the confidentiality and integrity of transmitted information.

    Export grade encryption suites are not strong and do not meet DoD requirements. The encryption for the session becomes easy f...
    Rule Medium Severity
  • SRG-APP-000440-AS-000166

    Group
  • The WebSphere Application Server distribution and consistency services (DCS) transport links must be encrypted.

    A Core Group (HA Domain) is a component of the high availability manager function. It can contain stand-alone servers, cluste...
    Rule Medium Severity
  • SRG-APP-000440-AS-000167

    Group
  • The WebSphere Application Server plugin must be configured to use HTTPS only.

    The Web server plug-in transmits information from the Web server to the Web container over HTTP by default. Extra steps must ...
    Rule Medium Severity
  • SRG-APP-000454-AS-000268

    Group
  • The WebSphere Application Server must remove organization-defined software components after updated versions have been installed.

    By default, when updating WebSphere application server, the older version of binaries are saved in case a "roll back" is nece...
    Rule Medium Severity
  • SRG-APP-000456-AS-000266

    Group
  • The WebSphere Application Server must apply the latest security fixes.

    Security vulnerabilities are often addressed by testing and applying the latest security patches and fix packs. Latest fixpac...
    Rule Medium Severity
  • SRG-APP-000456-AS-000266

    Group
  • The WebSphere Application Server must install security-relevant software updates within the time period directed by an authoritative source (e.g., IAVMs, CTOs, DTMs, and STIGs).

    Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products t...
    Rule Medium Severity
