Documentation - V-204798

V-204798

Application Server Security Requirements Guide

CAT II

Title

The application server must require users to reauthenticate when organization-defined circumstances or situations require reauthentication.

Description

<VulnDiscussion>Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When applications provide the capability to change security roles or escalate the functional capability of the application, it is critical the user reauthenticate. In addition to the reauthentication requirements associated with session locks, the application server security model may require reauthentication of individuals in other situations, including (but not limi...

Fix Text (Documentation Requirement)

Configure the application server to require a user to reauthenticate when organization-defined circumstances or situations are met.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel