ColdFusion must transmit only encrypted representations of passwords to NoSQL data sources.
| Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-279058 | SRG-APP-000172-AS-000120 | APAS-CF-000345 | SV-279058r1171531_rule | 2025-12-19 | 1 |
| Description |
|---|
| When data is transmitted between ColdFusion and the data sources without encryption, it is vulnerable to interception and unauthorized access. This can lead to the exposure of sensitive information, including personal data, authentication credentials, and other confidential information. By requiring each of the data sources to use encryption for data transmission, ColdFusion ensures that the credentials and data are protected from eavesdropping and tampering. This practice helps maintain the confidentiality and integrity of the data, thereby enhancing the overall security of the server and the applications it hosts. Regularly verifying and enforcing the use of encryption for all data source connections is essential for maintaining a secure server environment. |
| ℹ️ Check |
|---|
| 1. From the Admin Console Landing Screen, navigate to Data & Services >> NoSQL Data Sources. 2. For each "Connected NoSQL Data Source" configured, examine the settings and verify if encryption is enabled and properly configured for each data source connection. If any NoSQL data source is found without encryption enabled, this is a finding. If any NoSQL data source does not have "Enable SSL" checked, this is a finding. |
| ✔️ Fix |
|---|
| 1. From the Admin Console Landing Screen, navigate to Data & Services >> NoSQL Data Sources. 2. Make the necessary changes to the data source to use encryption. 3. Check the "Enable SSL" checkbox. 4. Select "Submit". |