U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

Java Runtime Environment (JRE) 7 Version 1, Release 5 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Oracle Java Runtime Environment (JRE) 1.7.0 cpe:/a:oracle:jre:1.7.0 (View CVEs)

Checklist Highlights

Checklist Name:
Java Runtime Environment (JRE) 7
Checklist ID:
445
Version:
Version 1, Release 5
Type:
Compliance
Review Status:
Archived
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
02/12/2013

Checklist Summary:

The Java Runtime Environment (JRE) Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. This document is meant for securing Java Runtime configuration settings for systems that run java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE. The JRE STIG is meant to be used in conjunction with the appropriate operating system (OS) STIGs.

Checklist Role:

  • Desktop Client
  • Desktop or Mobile Client
  • Business Productivity Application

Known Issues:

Not provided.

Target Audience:

These requirements are designed to assist Security Managers (SMs), Information Assurance Managers (IAMs), Information Assurance Officers (IAOs), and System Administrators (SAs) with configuring and maintaining security controls.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DoDD 8500.1

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Disclaimer:

Not provided.

Product Support:

Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Point of Contact:

disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil

Sponsor:

Not provided.

Licensing:

Not provided.

Change History: 

Version 1, Release 4 - 28 May 2014
Version 1, Release 4 - 25 April 2014
Version 1, Release 3 - 24 January 2014
Version 1, Release 2 - 26 July 2013
Version 1, Release 1 - 12 February 2013
Version 1, Release 5 - 30 October 2014
Updated status to "Final" - 07 January 2015
null
null

Dependency/Requirements:

URL Description
http://iase.disa.mil/stigs/Documents/u_java_runtime_environment_6-7_stig_memo.pdf Java Runtime Environment (JRE) STIG Memo

References:

Reference URL Description

NIST checklist record last modified on 05/19/2017