UCF STIG Viewer Logo

The designer and IAO will ensure UDDI publishing is restricted to authenticated users.


Overview

Finding ID Version Rule ID IA Controls Severity
V-19698 APP3850 SV-21839r1_rule DCSQ-1 Medium
Description
Ficticious or false entries could result if someone other than an authenticated user is able to create or modify the UDDI registry. The data integrity would be questionable if anonymous users are able to write to the repository.
STIG Date
Application Security and Development Checklist 2014-12-22

Details

Check Text ( C-24095r1_chk )
If the application does not utilize UDDI registries, this check is not applicable.

Ask the application representative to demonstrate UDDI publishing is restricted to authenticated users.

1) If application representative is unable to demonstrate UDDI publishing is restricted to authenticated users, it is a finding.
Fix Text (F-23052r1_fix)
Restrict UDDI publishing only to authenticated users.