UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The MEM client must support SHA2 signature verification.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32805 WIR-WMS-MEM-24 SV-43151r1_rule IAKM-1 Low
Description
SHA2 or later signing is required because earlier signing algorithms have been compromised and do not provide the required level of trust.
STIG Date
Mobile Email Management (MEM) Server Security Technical Implementation Guide (STIG) 2013-01-17

Details

Check Text ( C-41138r2_chk )
Verify the MEM client supports SHA2 signature verification. Talk to the site system administrator and have them show this capability exists in the MEM server. Also, review MEM product documentation.

Mark as a finding if the MEM server does not have required features.
Fix Text (F-36686r1_fix)
Use a MEM product that supports SHA2 signature verification.