BlackBerry Enterprise Server (version 5.x), Part 1 Security Technical Implementation Guide

BlackBerry Enterprise Server (version 5.x) STIG, Part 1 in XCCDF format. Part 1: BES architecture and training requirements. Part 2: BES configuration requirements. Part 3: BES IT Policy configuration requirements.


Version / Release: V2R8

Published: 2015-07-02

Updated At: 2018-09-23 02:04:15




Severity Open Not Reviewed Not Applicable Not a Finding
Overall 0 0 0 0
Low 0 0 0 0
Medium 0 0 0 0
High 0 0 0 0
Drop CKL or SCAP (XCCDF) results here.

    Vuln Rule Version CCI Severity Title Description Status Finding Details Comments
    SV-12370r3_rule WIR1050-01 HIGH Onset Technologies METAmessage software must not be installed on DoD BlackBerry devices or on the BES. Onset Technologies METAmessage software is production software which may introduce a virus or other malicious code on the system. This software is not approved for use on DoD systems.System AdministratorInformation Assurance OfficerECWN-1
    SV-14632r3_rule WIR1200-01 HIGH Only the BlackBerry Enterprise Server (BES) email solution must be used. If the required BlackBerry system is not used, DoD networks are at risk of being penetrated or DoD data could be exposed.Information Assurance OfficerECSC-1
    SV-14810r4_rule WIR1210-01 MEDIUM Any services installed with the BES (for example IIS, SQL, Apache Web Server, etc.) must be reviewed for STIG compliance in accordance with the appropriate SQL, Apache Web Server, or IIS STIGs. The server must be compliant with the SQL STIG, Apache Web Server STIG, and/or IIS STIG to ensure the system is not vulnerable to attack resulting in a Denial of Service or compromise of the wireless email server. Note: Some of these services are optiona
    SV-21030r3_rule WIR1200-02 HIGH Required version of the BlackBerry Enterprise Server (BES) must be installed. Earlier versions of the BES have security vulnerabilities. CYBERCOM IAVA directs all DoD installations upgrade to required version due to BlackBerry ending support for version 4.1.6 and 4.1.7 as of 2 July 2011.System AdministratorECSC-1