Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-24999 | WIR-GMMS-009 | SV-30739r2_rule | ECWN-1 | Low |
Description |
---|
The reuse of the OTA PIN can allow a hacker to provision an unauthorized device on the system. |
STIG | Date |
---|---|
Mobile Device Management (MDM) Server Security Technical Implementation Guide (STIG) | 2013-05-08 |
Check Text ( C-31149r5_chk ) |
---|
This check is valid only with the Good Technology MDM server. It is Not Applicable (NA) for all other MDM servers. 1. Make a list of all iOS security policies listed on the MDM server that have been assigned to iOS devices and review each policy. 2. Select each policy set users are assigned to and, in turn, verify the required settings are in the policy set. -Note: If there is a finding, note the name of the policy set in the Findings Details section in VMS/Component Provided Tracking Database. -Verify “Allow OTA Provisioning PIN reuse” is unchecked. Mark as a finding if “Allow OTA Provisioning PIN reuse” is checked. |
Fix Text (F-27642r2_fix) |
---|
Disable (uncheck) “Allow OTA Provisioning PIN reuse” in the iOS policy on the MDM server. |