Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19709 | APP3990 | SV-21850r1_rule | DCSQ-1 | Medium |
Description |
---|
If the application is not compliant with the IPv6 addressing scheme, the entry of IPv6 formats that are 128 bits long or hexadecimal notation including colons, could result in buffer overflows compromising the application and creating additional attack vectors. |
STIG | Date |
---|---|
Application Security and Development Checklist | 2014-12-22 |
Check Text ( C-24106r1_chk ) |
---|
Ask the application representative for the design document. Review the design document for application services supporting IPv6. Verify user interfaces, graphic user interface (GUI), and system management interfaces have been updated to support IPv6 addressing and functions. 1) If the application interfaces have not been upgraded to support IPv6 addressing and functions, it is a finding. |
Fix Text (F-23067r1_fix) |
---|
Design the application to be compliant with the IPv6 addressing scheme as defined in with RFC 1884. |