Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The designer will ensure the application is compliant with the IPv6 addressing scheme as defined in RFC 1884.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19709 | APP3990 | SV-21850r1_rule | DCSQ-1 | Medium |
| Description |
|---|
| If the application is not compliant with the IPv6 addressing scheme, the entry of IPv6 formats that are 128 bits long or hexadecimal notation including colons, could result in buffer overflows compromising the application and creating additional attack vectors. |
| STIG | Date |
|---|---|
| Application Security and Development STIG | 2014-04-03 |
Details
| Check Text ( C-24106r1_chk ) |
|---|
| Ask the application representative for the design document. Review the design document for application services supporting IPv6. Verify user interfaces, graphic user interface (GUI), and system management interfaces have been updated to support IPv6 addressing and functions. 1) If the application interfaces have not been upgraded to support IPv6 addressing and functions, it is a finding. |
| Fix Text (F-23067r1_fix) |
|---|
| Design the application to be compliant with the IPv6 addressing scheme as defined in with RFC 1884. |