I - Mission Critical Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000141-AS-000095
<GroupDescription></GroupDescription>Group -
The WebSphere Application Server sample applications must be removed.
<VulnDiscussion>WebSphere samples are not intended for use in a production environment. Do not run them there, as they create significant sec...Rule Low Severity -
SRG-APP-000141-AS-000095
<GroupDescription></GroupDescription>Group -
The WebSphere Application Server must remove JREs left by web server and plug-in installers for web servers and plugins running in the DMZ.
<VulnDiscussion>When you install IBM HTTP Server, the installer leaves behind a JRE. Remove this JRE, as it provides functions that are not n...Rule Low Severity -
SRG-APP-000141-AS-000095
<GroupDescription></GroupDescription>Group -
The WebSphere Application Server must be run as a non-admin user.
<VulnDiscussion>Running WebSphere as an admin user gives attackers immediate admin privileges in the event the WebSphere processes are compro...Rule Medium Severity -
SRG-APP-000141-AS-000095
<GroupDescription></GroupDescription>Group -
The WebSphere Application Server must disable JSP class reloading.
<VulnDiscussion>Application servers provide a myriad of differing processes, features, and functionalities. Some of these processes may be de...Rule Medium Severity -
SRG-APP-000142-AS-000014
<GroupDescription></GroupDescription>Group -
The WebSphere Application Server must prohibit or restrict the use of nonsecure ports, protocols, modules, and/or services as defined in the PPSM CAL and vulnerability assessments.
<VulnDiscussion>Some networking protocols may not meet organizational security requirements to protect data and components. Application serv...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.