3.3 Ensure Admin Console is either secured or removed - 'JBOSS_HOME/server/@[email protected]/deploy/management'

Information

The Administration Console application must be secured so it is accessible by trusted administrators only. If this condition is not met, the application must be removed (deleted) from deployment.

Solution

To remove the Administration Console from deployment, delete the exploded SAR located here: JBOSS_HOME/server/@[email protected]/deploy/admin-console.war/

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7b., CAT|I, CSCv6|9.1

Plugin: Unix

Control ID: dfe3410c0e983ff8353a8ac2203f08360d36f33b5b1fa004d02a1e05865bf3cb