Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000142-AS-000014

    <GroupDescription></GroupDescription>
    Group
  • Applications in privileged mode must be approved by the ISSO.

    &lt;VulnDiscussion&gt;The privileged attribute controls if a context (application) is allowed to use container provided servlets like the Manager s...
    Rule Medium Severity
  • SRG-APP-000148-AS-000101

    <GroupDescription></GroupDescription>
    Group
  • Tomcat management applications must use LDAP realm authentication.

    &lt;VulnDiscussion&gt;Using the local user store on a Tomcat installation does not meet a multitude of security control requirements related to use...
    Rule Medium Severity
  • SRG-APP-000149-AS-000102

    <GroupDescription></GroupDescription>
    Group
  • JMX authentication must be secured.

    &lt;VulnDiscussion&gt;Java Management Extensions (JMX) provides the means to remotely manage the Java VM. When enabling the JMX agent for remote mo...
    Rule Medium Severity
  • SRG-APP-000153-AS-000104

    <GroupDescription></GroupDescription>
    Group
  • TLS must be enabled on JMX.

    &lt;VulnDiscussion&gt;Java Management Extensions (JMX) provides the means for enterprises to remotely manage the Java VM and can be used in place o...
    Rule High Severity
  • SRG-APP-000172-AS-000121

    <GroupDescription></GroupDescription>
    Group
  • LDAP authentication must be secured.

    &lt;VulnDiscussion&gt;JNDIRealm is an implementation of the Tomcat Realm interface. Tomcat uses the JNDIRealm to look up users in an LDAP directory...
    Rule High Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules