Adobe ColdFusion 11 STIG

Adobe ColdFusion 11 Security Technical Implementation Guide

ID Vuln ID Title Cat Status
CF11-03-000105 V-237175 ColdFusion must have Remote Inspection disabled. Cat I
CF11-05-000169 V-237201 ColdFusion must set session cookies as browser session cookies. Cat II
CF11-05-000173 V-237202 ColdFusion must provide a clustering capability. Cat II
CF11-03-000101 V-237171 ColdFusion must have Remote Adobe LiveCycle Data Management access disabled. Cat II
CF11-05-000192 V-237215 ColdFusion must limit the time-out for requests waiting in the queue. Cat II
CF11-03-000113 V-237182 ColdFusion must protect newly created objects. Cat II
CF11-06-000216 V-237225 The ColdFusion missing template handler must be valid. Cat II
CF11-05-000181 V-237204 ColdFusion, when part of a mission critical system, must be in a high-availability (HA) cluster. Cat II
CF11-03-000114 V-237183 ColdFusion must have Sandbox Security enabled. Cat II
CF11-06-000224 V-237233 ColdFusion must enable Global Script Protection. Cat II
CF11-01-000010 V-237141 ColdFusion must automatically terminate a user session after user inactivity. Cat II
CF11-03-000118 V-237187 ColdFusion must have example collections removed. Cat II
CF11-03-000091 V-237163 ColdFusion must limit applications from changing shared Java components. Cat II
CF11-05-000168 V-237200 ColdFusion must use J2EE session variables. Cat II
CF11-01-000011 V-237142 ColdFusion must set a maximum session time-out value. Cat II

Print

Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Print

Version Changes

If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.
Changes