LockOutRealm must not be removed from Apache Tomcat.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-224782	ISEC-06-550300	SV-224782r505933_rule		Medium

Description
LockOutRealm prevents brute force attacks against user passwords. Removal of unneeded or non-secure functions, ports, protocols, and services mitigate the risk of unauthorized connection of devices, unauthorized transfer of information, or other exploitation of these resources. The organization must perform a periodic scan/review of the application (as required by CCI-000384) and disable functions, ports, protocols, and services deemed to be unneeded or non-secure.

Description

LockOutRealm prevents brute force attacks against user passwords. Removal of unneeded or non-secure functions, ports, protocols, and services mitigate the risk of unauthorized connection of devices, unauthorized transfer of information, or other exploitation of these resources. The organization must perform a periodic scan/review of the application (as required by CCI-000384) and disable functions, ports, protocols, and services deemed to be unneeded or non-secure.

STIG	Date
ISEC7 Sphere Security Technical Implementation Guide	2020-09-04

Details

Check Text ( C-26473r461602_chk )
Log in to the ISEC7 EMM Suite server. Navigate to :\Program Files\Isec7 EMM Suite\Tomcat\Config Open the server.xml file with Notepad. Select Edit >> Find and search for LockOutRealm. Confirm the following line is in the server.xml file: If it is not found or has been commented out, this is a finding. If the LockOutRealm has been removed and can't be used, this is a finding.

Fix Text (F-26461r461603_fix)
Login to the ISEC7 EMM Suite server. Navigate to :\Program Files\Isec7 EMM Suite\Tomcat\Config Open the server.xml file with Notepad. Select Edit >> Find and search for LockOutRealm. Add the following line is in the server.xml file: Restart the ISEC7 EMM Suite Web service in the services.msc