Details

Preventing non-privileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.

Restricting non-privileged users also prevents an attacker, who has gained access to a non-privileged account, from elevating privileges, creating accounts, and performing system checks and maintenance.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

In the LDAP server admin console, assign WebSphere users to the appropriate WebSphere group.

Supportive Information

The following resource is also helpful.

• http://iasecontent.disa.mil/stigs/zip/U_IBM_WebSphere_Traditional_V9-x_V1R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

• 800-53|AC-6(10)
• CAT|II
• CCI|CCI-002235
• Rule-ID|SV-95945r1_rule
• STIG-ID|WBSP-AS-000240
• Vuln-ID|V-81231

Source

• Tenable.com/audits