Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Unauthorized users have access to the Sun Ray administration tool.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-16072 | SUN0080 | SV-17059r1_rule | ECCD-1 ECCD-2 | High |
| Description |
|---|
| Unauthorized users accessing the Sun Ray administration tool could modify or disable the entire Sun Ray server or network. Unrestricted access may also give access to other operating system daemons and applications. Restricting access to only authorized users will ensure only approved users are able to access the Sun Ray administration tool. |
| STIG | Date |
|---|---|
| Sun Ray 4 STIG | 2015-04-02 |
Details
| Check Text ( C-17116r1_chk ) |
|---|
| Request the documentation authorizing users to administer the Sun Ray Server. Compare this list with the list below. If there is a discrepancy, this is a finding. Open a terminal command line on the Solaris 10 server. Perform the following: # /opt/SUNWut/sbin/utadminuser If users listed here are not authorized to access the Sun Ray administration console, this is a finding. |
| Fix Text (F-16178r1_fix) |
|---|
| Ensure only authorized users have access to the Sun Ray administration console. |