Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The MDM server must reveal error messages only to authorized personnel.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36066 | SRG-APP-267-MDM-062-SRV | SV-47457r1_rule | Low |
| Description |
|---|
| If the MDM server provides too much information in error logs and administrative messages to the screen it could lead to compromise. The structure and content of error messages need to be carefully considered by the organization. |
| STIG | Date |
|---|---|
| Mobile Device Manager Security Requirements Guide | 2013-01-24 |
Details
| Check Text ( C-44305r1_chk ) |
|---|
| Review the MDM server configuration to determine the system reveals error messages only to authorized personnel. If error messages are displayed to unauthorized personnel, this is a finding. |
| Fix Text (F-40596r1_fix) |
|---|
| Configure the MDM server so error messages are only revealed to authorized personnel. |