Scan to a file share is enabled but the file shares do not have the appropriate discretionary access control list in place.

From Multifunction Device and Network Printers STIG

Part of MFD Scan Discretionary Access Control

SV-7027r1_rule Scan to a file share is enabled but the file shares do not have the appropriate discretionary access control list in place.

Vulnerability discussion

Without appropriate discretionary access controls unauthorized individuals may read the scanned data. This can lead to a compromise of sensitive data.The SA will ensure file shares have the appropriate discretionary access control list in place if scan to a file share is enabled.

Check content

The reviewer will, with the assistance of the SA, verify that file shares have the appropriate discretionary access control list in place if scan to a file share is enabled.

Fix text

Create the appropriate discretionary access control list for file shares if scan to a file share is enabled.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.