An error occurred:

Check: MFD07.003

Multifunction Device and Network Printers Security Technical Implemetation Guide: MFD07.003 (in versions v2 r15 through v2 r9)

Title

Scan to a file share is enabled but the file shares do not have the appropriate discretionary access control list in place. (Cat III impact)

Discussion

Without appropriate discretionary access controls unauthorized individuals may read the scanned data. This can lead to a compromise of sensitive data. The SA will ensure file shares have the appropriate discretionary access control list in place if scan to a file share is enabled.

Check Content

The reviewer will, with the assistance of the SA, verify that file shares have the appropriate discretionary access control list in place if scan to a file share is enabled.

Fix Text

Create the appropriate discretionary access control list for file shares if scan to a file share is enabled.

Additional Identifiers

Rule ID: SV-7027r1_rule

Vulnerability ID: V-6802

Group Title: MFD Scan Discretionary Access Control

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001090

Prevent unauthorized and unintended information transfer via shared system resources.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SC-4

Information in Shared Resources