UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The MDM server must protect audit information from unauthorized read access.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36313 SRG-APP-118-MDM-264-SRV SV-47717r1_rule Low
Description
Audit data is considered sensitive, and is intended to be read by the System Administrator only. Allowing non-administrators access to this data could expose vulnerabilities in the system.
STIG Date
Mobile Device Manager Security Requirements Guide 2013-01-24

Details

Check Text ( C-44554r1_chk )
Review the configuration settings to determine whether the MDM server audit feature protects audit information from unauthorized read access. If the MDM server does not protect audit information from unauthorized read access, this is a finding.
Fix Text (F-40844r1_fix)
Configure the MDM server to protect audit information from unauthorized read access.