
ColdFusion must have Sandboxes defined for application execution.


Overview

Finding ID: V-62441
Version: CF11-03-000115
Rule ID: SV-76931r1_rule
IA Controls: (none listed)
Severity: Medium
Description
Application isolation allows multiple applications to run on the same hosting operating system, web server and application server. Typical reasons to isolate applications are to separate different application user bases and data security levels, to protect application resources, and to give each application least-privilege access to system resources. Application isolation also keeps a compromised application from compromising other hosted applications. To implement sandboxing, sandboxes must be set up to separate applications. Enabling the feature without implementing sandboxes does not secure the system.
STIG: Adobe ColdFusion 11 Security Technical Implementation Guide
Date: 2017-12-31

Details

Check Text (C-63245r1_chk)
Within the Administrator Console, navigate to the "Sandbox Security" page under the "Security" menu. Sandboxes should be set up for the Administrator Console and any other hosted applications. The Administrator Console must have its own sandbox separate from the other hosted applications.

If there are no sandboxes implemented for the Administrator Console and the other hosted applications, this is a finding.
Fix Text (F-68361r1_fix)
Navigate to the "Sandbox Security" page under the "Security" menu. Create sandboxes for the applications to operate within and select the "Submit Changes" button.