Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-36736 | WN12-GE-000025 | SV-51584r1_rule | Medium |
Description |
---|
Failure to verify a certificate's revocation status can result in the system accepting a revoked, and therefore unauthorized, certificate. This could result in the installation of unauthorized software or a connection for rogue networks, depending on the use for which the certificate is intended. Querying for certificate revocation mitigates the risk that the system will accept an unauthorized certificate. |
STIG | Date |
---|---|
Windows Server 2012 / 2012 R2 Domain Controller Security Technical Implementation Guide | 2016-12-19 |
Check Text ( C-46847r1_chk ) |
---|
Verify the system has software installed and running that provides certificate validation and revocation checking. If it does not, this is a finding. |
Fix Text (F-44713r1_fix) |
---|
Install software that provides certificate validation and revocation checking. |