| V-6782 | High | The MFD does not maintain its configuration state (passwords, service settings etc) after a power down or reboot. | If the MFD does not maintain it state over a power down or reboot, it will expose the network to all of the vulnerabilities that where mitigated by the modifications made to its configuration... |
| V-6784 | High | There is no restriction on where a MFD or a printer can be remotely managed. | Since unrestricted access to the MFD or printer for management is not required the restricting the management interface to specific IP addresses decreases the exposure of the system to malicious... |
| V-6800 | High | MFDs with print, copy, scan, or fax capabilities must be prohibited on classified networks without the approval of the DAA. | MFDs with print, copy, scan, or fax capabilities, if compromised, could lead to the compromise of classified data or the compromise of the network. The IAO will ensure MFDs with copy, scan, or... |
| V-6779 | Medium | A firewall or router rule is not used to block all ingress and egress traffic from the enclave perimeter to the MFD or printer. | Access to the MFD or printer from outside the enclave network could lead to a denial of service caused by a large number of large print files being sent to the device. Ability for the MFD or... |
| V-6780 | Medium | A MFD or a printer device is not flash upgradeable or is not configured to use the most current firmware available. | MFD devices or printers utilizing old firmware can expose the network to known vulnerabilities leading to a denial of service or a compromise of sensitive data.
The SA will ensure devices are... |
| V-6783 | Medium | Management protocols, with the exception of HTTPS and SNMPv3, must be disabled at all times except when necessary. | Unneeded protocols expose the device and the network to unnecessary vulnerabilities. |
| V-6797 | Medium | The devices and their spoolers do not have auditing enabled. | Without auditing the identification and prosecution of an individual that performs malicious actions is difficult if not impossible. |
| V-6778 | Medium | A MFD or a printer is not using a static IP address. | Without static IP addresses, if the DNS cache is poisoned (corrupted) print files containing sensitive data could be redirected, leading to the compromise of sensitive data.
The SA will ensure all... |
| V-6794 | Medium | A MFD or printer is not configured to restrict jobs to those from print spoolers.
| If MFDs or printers are not restricted to accept print jobs only from print spoolers that authenticate the user and log the job, a denial of service can be created by the MFD or printer accepting... |
| V-6777 | Medium | A network protocol other than TCP/IP is enabled on a MFD or printer. | The greater the number of protocols allowed active on the network the more vulnerabilities there will be available to be exploited.
The SA will ensure the only network protocol used is TCP/IP all... |
| V-6804 | Medium | MFDs must not allow scan to SMTP (email). | The SMTP engines found on the MFDs reviewed when writing the MFD STIG did not have robust enough security features supporting scan to email. Because of the lack of robust security, scan to email... |
| V-6790 | Low | Print services for a MFD or printer are not restricted to Port 9100 and/or LPD (Port 515).
Where both Windows and non-Windows clients need services from the same device, both Port 9100 and LPD can be enabled simultaneously.
| Printer services running on ports other than the known ports for printing cannot be monitored on the network and could lead to a denial of service it the invalid port is blocked by a network... |
| V-6803 | Low | Auditing of user access and fax logs must be enabled when fax from the network is enabled. | Without auditing the originator and destination of a fax cannot be determined. Prosecuting of an individual who maliciously compromises sensitive data via a fax will be hindered without... |
| V-6799 | Low | The level of audit has not been established or the audit logs being collected for the devices and print spoolers are not being reviewed. | If inadequate information is captured in the audit, the identification and prosecution of malicious user will be very difficult. If the audits are not regularly reviewed suspicious activity may go... |
| V-6798 | Low | Implementation of an MFD and printer security policy for the protection of classified information. | Department of Defense Manual 5200.01, "Protection of Classified Information" provides policy, assigns responsibilities, and provides procedures for the designation, marking, protection, and... |
