Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-226256 | WN12-GE-000025 | SV-226256r794542_rule | Medium |
Description |
---|
Failure to verify a certificate's revocation status can result in the system accepting a revoked, and therefore unauthorized, certificate. This could result in the installation of unauthorized software or a connection for rogue networks, depending on the use for which the certificate is intended. Querying for certificate revocation mitigates the risk that the system will accept an unauthorized certificate. |
STIG | Date |
---|---|
Microsoft Windows Server 2012/2012 R2 Domain Controller Security Technical Implementation Guide | 2021-10-18 |
Check Text ( C-27958r476612_chk ) |
---|
Verify the system has software installed and running that provides certificate validation and revocation checking. If it does not, this is a finding. |
Fix Text (F-27946r476613_fix) |
---|
Install software that provides certificate validation and revocation checking. |