Detections
Analytics
IBMW-LS-000910 - The server.xml file must be protected from unauthorized modification.
Information
When dealing with access restrictions pertaining to change control, it should be noted that any changes to the software, and/or application server configuration could potentially have significant adverse effects on the overall security of the system.Protect the server.xml file from unauthorized modification by applying file permission restrictions.
Solution
As a privileged user with local file access to ${server.config.dir}/server.xml.Use the chmod command to configure the correct file permissions of 660.
chmod 660 server.xml
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_WebSphere_Liberty_Server_V2R2_STIG.zip
Item Details
Audit Name: DISA IBM WebSphere Liberty Server STIG v2r2
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-5(1), CAT|II, CCI|CCI-001813, Rule-ID|SV-250344r961461_rule, STIG-ID|IBMW-LS-000910, Vuln-ID|V-250344
Plugin: Unix
Control ID: 3aa5994933f37841b0c4c1f12b8c80558c828144647f6d9aadbf22d638608107