Documentation - V-204761

V-204761

Application Server Security Requirements Guide

CAT II

Title

The application server must separate hosted application functionality from application server management functionality.

Description

<VulnDiscussion>The application server consists of the management interface and hosted applications. By separating the management interface from hosted applications, the user must authenticate as a privileged user to the management interface before being presented with management functionality. This prevents nonprivileged users from having visibility to functions not available to the user. By limiting visibility, a compromised nonprivileged account does not offer information to the attacker to f...

Fix Text (Documentation Requirement)

Configure the application server so that admin management functionality and hosted applications are separated.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel