UCF STIG Viewer Logo

A PC communications application is operated with administrative or root level privileges.


Overview

Finding ID Version Rule ID IA Controls Severity
V-16114 VVoIP 1715 (GENERAL) SV-17102r1_rule DCBP-1 ECSC-1 Medium
Description
PC voice, video, UC, and collaboration communications applications must not be operated in a manner that can compromise the platform if the application itself becomes compromised. One way to mitigate this possibility is to ensure that the application does not require administrative privileges to operate and that it is not operated with privileges that could be used to compromise the platform, other applications, or the network.
STIG Date
Voice/Video Services Policy STIG 2014-04-07

Details

Check Text ( C-17158r1_chk )
Interview the IAO to validate compliance with the following requirement:
Ensure PC voice, video, UC, or collaboration communications applications do not require and/or are not configured to operate with administrative privileges.

Determine if the installed PC voice, video, UC, or collaboration communications application(s) requires and/or is configured to operate with administrative privileges. Inspect a random sampling of PC voice, video, UC, or collaboration communications applications to determine if they are configured to operate with administrative privileges. This is a finding if a PC voice, video, UC, or collaboration communications application requires with administrative privileges to operate or if the application or platform is configured such that the application runs with administrative privileges. Even though a user has administrative privileges, the application should not inherit those privileges and should operate without them.
Fix Text (F-16220r1_fix)
Ensure PC voice, video, UC, or collaboration communications applications do not require and/or are not configured to operate with administrative privileges.

Configure the application and/or platform to not operate with administrative privileges or un-install it. Even though a user has administrative privileges, the application should not inherit those privileges and should operate without them.