UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

JBoss must be configured to allow only the ISSM (or individuals or roles appointed by the ISSM) to select which loggable events are to be logged.


Overview

Finding ID Version Rule ID IA Controls Severity
V-213504 JBOS-AS-000085 SV-213504r955988_rule Medium
Description
The JBoss server must be configured to select which personnel are assigned the role of selecting which loggable events are to be logged. In JBoss, the role designated for selecting auditable events is the "Auditor" role. The personnel or roles that can select loggable events are only the ISSM (or individuals or roles appointed by the ISSM).
STIG Date
JBoss Enterprise Application Platform 6.3 Security Technical Implementation Guide 2024-02-26

Details

Check Text ( C-14727r955987_chk )
Log on to the OS of the JBoss server with OS permissions that allow access to JBoss.
Using the relevant OS commands and syntax, cd to the /bin/ folder.
Run the jboss-cli script to start the Command Line Interface (CLI).
Connect to the server and authenticate.
Run the command:

For a Managed Domain configuration:
"ls host=master/server=/core-service=management/access=authorization/role-mapping=Auditor/include="

For a Standalone configuration:
"ls /core-service=management/access=authorization/role-mapping=Auditor/include="

If the list of users in the Auditors group is not approved by the ISSM, this is a finding.
Fix Text (F-14725r296179_fix)
Obtain documented approvals from ISSM, and assign the appropriate personnel into the "Auditor" role.