Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The application server management interface must provide a logout functionality to allow the user to manually terminate the session.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35419 | SRG-APP-000221-AS-000149 | SV-46706r1_rule | Medium |
| Description |
|---|
| Manually terminating an AS management session allows users to immediately depart the physical vicinity of the system they are logged into without the risk of subsequent system users or unauthorized parties reactivating or continuing their session. User's who log into the application server management interface must have the ability to manually terminate their session. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2013-01-08 |
Details
| Check Text ( C-43769r1_chk ) |
|---|
| Manually terminating an AS management session allows users to immediately depart the physical vicinity of the system they are logged into without the risk of subsequent system users or unauthorized parties reactivating or continuing their session. User's who log into the application server management interface must have the ability to manually terminate their session. |
| Fix Text (F-39962r1_fix) |
|---|
| Configure the AS to provide a logout functionality to allow the user to manually terminate the session. |