UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The host server where the mobile management server is installed must be hardened according to the appropriate Application STIG (SQL, Apache Tomcat, IIS, etc.).


Overview

Finding ID Version Rule ID IA Controls Severity
V-24973 WIR-WMS-GD-002 SV-30810r2_rule ECSC-1 Medium
Description
The host server where the mobile management server is installed must be compliant with the Windows STIG and applicable application STIGs to ensure the system is not vulnerable to attack resulting in a Denial of Service or compromise of the management server.
STIG Date
Mobile Device Management (MDM) Server Security Technical Implementation Guide (STIG) 2013-01-17

Details

Check Text ( C-31226r5_chk )
Work with the OS Reviewer or check VMS for last review of each host server where a mobile management server is installed. This includes the host server for the MDM, MAM, MDIS, and MEM servers. The review should include the SQL server, Apache Tomcat, and IIS, if installed.

Mark as a finding if the previous or current OS review of the Windows server did not include the SQL or other applications included with the management server.
Fix Text (F-27613r2_fix)
Conduct required STIG reviews of the OS and all installed applications on the host server.