The CA API Gateway must protect audit tools from unauthorized access.

From CA API Gateway ALG Security Technical Implementation Guide

Part of SRG-NET-000101-ALG-000059

Associated with: CCI-001493

SV-85965r1_rule The CA API Gateway must protect audit tools from unauthorized access.

Vulnerability discussion

Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on audit data.Network elements providing tools to interface with audit data will leverage user permissions and roles identifying the user accessing the tools and the corresponding rights the user enjoys in order to make decisions regarding access to audit tools.There is only one tool used to view audited events within the CA API Gateway. That tool is the CA API Gateway - Policy Manager. Use of this tool must be granted and policed by the organization, only allowing individuals access as needed in accordance with the organizational requirements.

Check content

Open the CA API Gateway - Policy Manager as an administrative user. Select "Tasks" from the main menu and chose "Manage Roles". Verify that only the authorized users of the tool have been granted their respective roles. If any user has not been granted the proper role(s), this is a finding.

Fix text

Open the CA API Gateway - Policy Manager as an administrator. Select "Tasks" from the main menu and chose "Manage Roles". Select the "View Audit Records" Role and Add/Assign the users that are authorized to view the audited events as per organizational policy. Assign any other roles to authorized users as per organizational policy.

Pro Tips

Powered by sagemincer