Automation Controller must utilize encryption when using LDAP for authentication.

STIG ID: APAS-AT-000055 | SRG: SRG-APP-000172-AS-000121 | Severity: medium | CCI: CCI-000197

Vulnerability Discussion

To prevent access with malicious intent, passwords must be protected at all times. This includes transmission, where passwords must be encrypted.

Check

Log in to Automation Controller as an administrator and navigate to Settings >> Authentication >> LDAP settings.

If an LDAP server is configured but the "LDAP SERVER URI" field does not start with "ldaps://", this is a finding.
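The same check can be run over an exported copy of the LDAP settings. This is an added example, not part of the STIG or of Automation Controller itself. It assumes the setting key names used by the controller's settings API (AUTH_LDAP_SERVER_URI and the numbered AUTH_LDAP_1_ through AUTH_LDAP_5_ variants), and it goes one step beyond the check text by flagging any non-"ldaps://" entry in a field that lists several servers.

```python
import json
import re

# Constructed sample of an LDAP settings payload (not from a real system).
# Key names are assumed to follow the Automation Controller settings API.
SAMPLE_SETTINGS = json.loads("""
{
  "AUTH_LDAP_SERVER_URI": "ldaps://dc1.example.com:636",
  "AUTH_LDAP_1_SERVER_URI": "ldap://dc2.example.com:389",
  "AUTH_LDAP_2_SERVER_URI": "ldaps://dc3.example.com:636, ldap://dc4.example.com",
  "AUTH_LDAP_3_SERVER_URI": "",
  "AUTH_LDAP_BIND_DN": "cn=svc,dc=example,dc=com"
}
""")

# Matches the default LDAP server URI key and the numbered additional servers.
URI_KEY = re.compile(r"^AUTH_LDAP(_\d+)?_SERVER_URI$")


def audit_ldap_uris(settings):
    """Return {setting_key: [offending URIs]} for every configured LDAP
    server whose URI field contains anything other than ldaps://."""
    findings = {}
    for key, value in sorted(settings.items()):
        if not URI_KEY.match(key) or not isinstance(value, str):
            continue
        # The field may hold several URIs separated by spaces or commas.
        # An empty value means no LDAP server is configured: not a finding.
        uris = [u for u in re.split(r"[,\s]+", value.strip()) if u]
        # URI schemes are case-insensitive, so compare in lower case.
        bad = [u for u in uris if not u.lower().startswith("ldaps://")]
        if bad:
            findings[key] = bad
    return findings


if __name__ == "__main__":
    for key, bad in audit_ldap_uris(SAMPLE_SETTINGS).items():
        print(f"FINDING {key}: {', '.join(bad)}")
```
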

Fix

Log in to Automation Controller as an administrator and navigate to Settings >> Authentication >> LDAP settings.

Click "Edit".

Modify the "LDAP SERVER URI" field so that it begins with "ldaps://".

Click "Save".