Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-25405 | HMC0225 | SV-31589r2_rule | EBRP-1 EBRU-1 | High |
Description |
---|
Failure to securely connect to remote sites can leave systems open to multiple attacks and security violations through the network. Failure to securely implement remote support connections can lead to unauthorized access or denial of service attacks on theHardware Management Console. |
STIG | Date |
---|---|
IBM Hardware Management Console (HMC) STIG | 2017-09-28 |
Check Text ( C-31953r1_chk ) |
---|
Have the Network Security Engineer check, that the remote Internet connection for IBM RSF support has met the mitigations outlined in Vulnerability Analysis for port 443/SSL in the PPSM requirements. |
Fix Text (F-28361r1_fix) |
---|
Have the Network Security Officer validate that the Internet connection meets the specifications in the PPSM requirements. |