Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
MarkLogic Server must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accordance with Ports, Protocols, and Services Management (PPSM) guidance.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-220384 | ML09-00-008000 | SV-220384r879756_rule | Medium |
| Description |
|---|
| Use of nonsecure network functions, ports, protocols, and services exposes the system to avoidable threats. |
| STIG | Date |
|---|---|
| MarkLogic Server v9 Security Technical Implementation Guide | 2024-01-24 |
Details
| Check Text ( C-22099r401603_chk ) |
|---|
| Review the network functions, ports, protocols, and services supported by MarkLogic for any that are prohibited by the PPSM guidance. Perform the check from the MarkLogic Server Admin Interface with a user that holds administrative-level privileges. 1. Click the Groups icon. 2. Click the group in which the configuration to be checked resides (e.g., Default). 3. Click the App Servers icon on the left tree menu. 4. Inspect the Summary screen for the Type/Port/ and SSL configuration. 5. If any of the App Servers uses a protocol or port prohibited by the PPSM guidance, this is a finding. |
| Fix Text (F-22088r401604_fix) |
|---|
| Disable each prohibited network function, port, protocol, or service in MarkLogic. Perform the fix from the MarkLogic Server Admin Interface with a user that holds administrative-level privileges. 1. Click the Groups icon. 2. Click the group in which the configuration to be checked resides (e.g., Default). 3. Click the App Servers icon on the left tree menu. 4. For any App Server that uses a prohibited port or protocol either disable the App Server or reconfigure to be compliant with the PPSM. |