STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Adobe ColdFusion Security Technical Implementation Guide

V-279035

CAT III (Low)

ColdFusion must log scheduled tasks.

Rule ID

SV-279035r1171616_rule

STIG

Adobe ColdFusion Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000132

Discussion

Logging scheduled tasks in ColdFusion is essential for detecting unauthorized or unexpected behavior, ensuring task execution integrity, and supporting forensic investigations. Scheduled tasks can be used to automate critical operations, including data transfers, script executions, or maintenance routines. If these tasks are not properly logged, malicious or erroneous activities may go undetected. For example, an attacker could schedule a task to exfiltrate data or alter application configurations without immediate notice. Recording details such as task name, execution time, user context, success or failure status, and any associated errors provides administrators with the necessary information to monitor system behavior, identify anomalies, and maintain accountability.

Check Content

Verify Logging is enabled. 

From the Admin Console Landing Screen, navigate to Debugging & Logging >> Logging Settings.

If "Enable logging for scheduled tasks" is missing, the Scheduler is not installed, and this is not a finding. 

If "Enable logging for scheduled tasks" exists and is not checked, this is a finding.

Fix Text

Configure ColdFusion to enable logging.

1. From the Admin Console Landing Screen, navigate to Debugging & Logging >> Logging Settings.

2. Check "Enable logging for scheduled tasks".

3. Select "Submit Changes".