Title

MarkLogic Server must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accordance with Ports, Protocols, and Services Management (PPSM) guidance. (Cat II impact)

Discussion

Use of nonsecure network functions, ports, protocols, and services exposes the system to avoidable threats.

Check Content

Review the network functions, ports, protocols, and services supported by MarkLogic for any that are prohibited by the PPSM guidance. Perform the check from the MarkLogic Server Admin Interface with a user that holds administrative-level privileges. 1. Click the Groups icon. 2. Click the group in which the configuration to be checked resides (e.g., Default). 3. Click the App Servers icon on the left tree menu. 4. Inspect the Summary screen for the Type/Port/ and SSL configuration. 5. If any of the App Servers uses a protocol or port prohibited by the PPSM guidance, this is a finding.

Fix Text

Disable each prohibited network function, port, protocol, or service in MarkLogic. Perform the fix from the MarkLogic Server Admin Interface with a user that holds administrative-level privileges. 1. Click the Groups icon. 2. Click the group in which the configuration to be checked resides (e.g., Default). 3. Click the App Servers icon on the left tree menu. 4. For any App Server that uses a prohibited port or protocol either disable the App Server or reconfigure to be compliant with the PPSM.

Additional Identifiers

Rule ID: SV-220384r879756_rule

Vulnerability ID: V-220384

Group Title: SRG-APP-000383-DB-000364

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.