Automation Controller must utilize encryption when using LDAP for authentication.

STIG ID: APAS-AT-000055  |  SRG: SRG-APP-000172-AS-000121 |  Severity: medium |  CCI: CCI-000197 |  Vulnerability Id: V-256907 | 

Vulnerability Discussion

To avoid access with malicious intent, passwords will need to be protected at all times. This includes transmission where passwords must be encrypted for security.

Check

Log in to Automation Controller as an administrator and navigate to Settings >> Authentication >> LDAP settings.

If an LDAP server is configured but the "LDAP SERVER URI" field does not start with "ldaps://", this is a finding.

Fix

Log in to Automation Controller as an administrator and navigate to Settings >> Authentication >> LDAP settings.

Click "Edit".

Modify the "LDAP SERVER URI" field so that it begins with "ldaps://".

Click "Save".