Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-33132 | SRG-OS-000154-NA | SV-43530r1_rule | Medium |
Description |
---|
Allowing discovery of operating system resources, names, or components can lead to giving information to an attacker that may be used as an attack vector. Rationale for non-applicability: Resource constraints on mobile devices preclude implementation of all IA functions. The applicability of this control may be reconsidered at a future date if subsequent generations of mobile devices are better able to support this control and the applications and data typically on the device justify its implementation. |
STIG | Date |
---|---|
Mobile Operating System Security Requirements Guide | 2013-07-03 |
Check Text ( C-41391r2_chk ) |
---|
This requirement is NA for the Mobile OS SRG. |
Fix Text (F-37032r2_fix) |
---|
The requirement is NA. No fix is required. |