Network Device Management Rules : Ensuring applications only reveal error messages to authorized personnel
  
Ensuring applications only reveal error messages to authorized personnel
Rule Title: The application must reveal error messages only to authorized individuals (ISSO, ISSM, and SA).
STIG ID: RICX-DM-000145
Rule ID: SV-77485r1_rule Severity: CAT II
Vuln ID: V-62995 Class: Unclass
Only authorized personnel should be aware of errors and the details of the errors. Error messages are an indicator of an organization's operational state. Additionally, sensitive account information must not be revealed through error messages to unauthorized personnel or their designated representatives.
Verifying the system restricts error messages
Verify that RiOS is configured to reveal error messages only to authorized individuals (ISSO, ISSM, and SA).
For detailed information, see Verifying the system is protecting audit information.
Configuring the system restricts error messages
Verify that RiOS is configured to reveal error messages only to authorized individuals (ISSO, ISSM, and SA).
For detailed information, see Configuring the system to protect audit information.