Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The application server must employ automated mechanisms for enforcing access restrictions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35220 | SRG-APP-000129-AS-000088 | SV-46507r1_rule | Medium |
| Description |
|---|
| When dealing with access restrictions pertaining to change control, it should be noted that any changes to the software, and/or application server configuration can potentially have significant effects on the overall security of the system. Access restrictions for changes also include application software libraries. If the application server provides automatic code deployment capability, (where updates to applications hosted on the app server are automatically performed, usually by the developers IDE tool), it must also provide a capability to restrict the use of automatic application deployment. Automatic code deployments are allowable in a development environment, but not in production. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2013-01-08 |
Details
| Check Text ( C-43592r2_chk ) |
|---|
| Review the AS documentation and configuration to determine if the system employs mechanisms to enforce restrictions on automated code deployment on production application servers. If the AS does not provide these access controls, this is a finding. |
| Fix Text (F-39766r1_fix) |
|---|
| Configure the AS to block automatic code deployments. |