V-255878
IBM WebSphere Traditional V9.x Security Technical Implementation Guide
Title
The WebSphere Application Servers must not be in the DMZ.
Description
The application server consists of the management interface and hosted applications. By separating the management interface from hosted applications, the user must authenticate as a privileged user to the management interface before being presented with management functionality. This prevents non-privileged users from having visibility to functions not available to the user. By limiting visibility, a compromised non-privileged account does not offer information to the attacker to...
Fix Text (Documentation Requirement)
If any application server host is installed in the DMZ, reassign its IP address to a secured network and reconfigure the application server.