UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The UEM server, for PKI-based authentication, must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.


Overview

Finding ID Version Rule ID IA Controls Severity
V-234544 SRG-APP-000401-UEM-000272 SV-234544r985774_rule Medium
Description
Without configuring a local cache of revocation data, there is the potential to allow access to users who are no longer authorized (users with revoked certificates).
STIG Date
Unified Endpoint Management Server Security Requirements Guide 2024-07-02

Details

Check Text ( C-37729r851619_chk )
Verify the UEM server, for PKI-based authentication, implements a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network.

If the UEM server, for PKI-based authentication, does not implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network, this is a finding.
Fix Text (F-37694r615276_fix)
Configure the UEM server to implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network for PKI-based authentication.