Check: TCAT-AS-000610
Apache Tomcat Application Server 9 STIG:
TCAT-AS-000610
(in versions v2 r7 through v1 r1)
Title
JMX authentication must be secured. (Cat II impact)
Discussion
Java Management Extensions (JMX) provides the means to remotely manage the Java VM. When enabling the JMX agent for remote monitoring, the user must enable authentication.
Check Content
From the Tomcat server, run the following commands:

sudo grep -i jmxremote.authenticate /etc/systemd/system/tomcat.service
sudo ps -ef | grep -i jmxremote

If the results are blank, this is not a finding.

If the results include -Dcom.sun.management.jmxremote.authenticate=false, this is a finding.
Fix Text
If using JMX for management of the Tomcat server, start the Tomcat server by adding the following command line flags to the systemd startup script in /etc/systemd/system/tomcat.service:

Environment='CATALINA_OPTS=-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxremote.ssl=true'

Reload the unit definitions so systemd picks up the edited file, then start the service (restart it if it is already running, since the flags only apply to a newly started JVM):

sudo systemctl daemon-reload
sudo systemctl start tomcat
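The following shell script is an added example and is not part of the STIG text. It applies the Check Content logic (a hit on jmxremote.authenticate=false in either the unit file or the process list is a finding; no mention of the flag at all is not a finding) to a unit file path and to captured ps -ef output, and it rewrites a CATALINA_OPTS value to carry the Fix Text flags. Function names, the sample unit file and the sample ps line are my own constructions.

```shell
#!/usr/bin/env bash
# Added example for TCAT-AS-000610; not part of the STIG text.
# Applies the "Check Content" logic to a systemd unit file and to captured
# `ps -ef` output, and applies the "Fix Text" flags to a CATALINA_OPTS
# value. Function and file names are assumptions made for this example.

# Classify one text source (unit file contents or ps output).
# Prints one of: finding | authenticated | no_jmx
classify_jmx_auth() {
  local text="$1"
  # printf keeps a leading "-D..." from being parsed as a grep option
  if printf '%s\n' "$text" | grep -qi 'jmxremote\.authenticate=false'; then
    echo finding
  elif printf '%s\n' "$text" | grep -qi 'jmxremote\.authenticate'; then
    echo authenticated
  else
    echo no_jmx
  fi
}

# Full check: first argument is the path to the systemd unit file, second
# is the text of `ps -ef` (pass "$(ps -ef)" on a live host).
# Prints "finding" if either source sets authenticate=false, "not_a_finding"
# if neither source mentions the flag, otherwise "authenticated".
check_tcat_as_000610() {
  local unit_file="$1" ps_output="$2" unit_text=""
  if [ -r "$unit_file" ]; then
    unit_text=$(cat "$unit_file")
  fi
  local unit_result ps_result
  unit_result=$(classify_jmx_auth "$unit_text")
  ps_result=$(classify_jmx_auth "$ps_output")
  if [ "$unit_result" = finding ] || [ "$ps_result" = finding ]; then
    echo finding
  elif [ "$unit_result" = no_jmx ] && [ "$ps_result" = no_jmx ]; then
    echo not_a_finding
  else
    echo authenticated
  fi
}

# Rewrite a CATALINA_OPTS value so it carries the Fix Text flags:
# authenticate=false becomes authenticate=true, and the authenticate and
# ssl flags are appended when absent. Unrelated flags are left untouched.
harden_catalina_opts() {
  local opts="$1"
  opts=$(printf '%s' "$opts" | sed 's/jmxremote\.authenticate=false/jmxremote.authenticate=true/g')
  case "$opts" in
    *jmxremote.authenticate=*) ;;
    *) opts="$opts -Dcom.sun.management.jmxremote.authenticate=true" ;;
  esac
  case "$opts" in
    *jmxremote.ssl=*) ;;
    *) opts="$opts -Dcom.sun.management.jmxremote.ssl=true" ;;
  esac
  printf '%s\n' "$opts"
}

# Demo on constructed input (a temporary unit file and a made-up ps line,
# not data from a real host).
demo_tcat_as_000610() {
  local tmp_unit
  tmp_unit=$(mktemp)
  printf '%s\n' "[Service]" \
    "Environment='CATALINA_OPTS=-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false'" \
    > "$tmp_unit"
  local ps_sample="tomcat 1234 1 0 10:00 ? 00:00:05 /usr/bin/java -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false org.apache.catalina.startup.Bootstrap start"
  echo "check result: $(check_tcat_as_000610 "$tmp_unit" "$ps_sample")"
  echo "hardened CATALINA_OPTS: $(harden_catalina_opts "-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false")"
  rm -f "$tmp_unit"
}
demo_tcat_as_000610
```

On a live host the two sources are /etc/systemd/system/tomcat.service and "$(ps -ef)"; checking the process list as well as the unit file matters because a JVM started outside systemd, or one started before the unit file was edited, still reports the flags it was actually launched with.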
Additional Identifiers
Rule ID: SV-222963r879590_rule
Vulnerability ID: V-222963
Group Title: SRG-APP-000149-AS-000102
Expert Comments
CCIs
Number | Definition
---|---
CCI-000765 | The information system implements multifactor authentication for network access to privileged accounts.
Controls
Number | Title
---|---
IA-2 (1) | Network Access To Privileged Accounts