UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IAO will ensure an XML firewall is deployed to protect web services.


Overview

Finding ID Version Rule ID IA Controls Severity
V-19694 APP6300 SV-21835r1_rule DCSQ-1 Medium
Description
Web Services are vulnerable to many types of attacks. XML based firewalls can be used to prevent common attacks.
STIG Date
Application Security and Development Checklist 2014-12-22

Details

Check Text ( C-24091r1_chk )
Ask the application representative to verify whether XML based web services are used within the application. If no XML based web services are used in the application, this check is not applicable.

If XML based web services are used within the application, ask the application representative for a network diagram identifying the XML firewall placement. Review the network diagrams and determine if all web services are protected by the XML firewall.

1) If network diagrams do not exist or all web services are not protected by the XML firewall, it is a finding.
Fix Text (F-23072r1_fix)
Deploy XML Firewall to protect web services.