| V-251547 | | Firefox must be configured to ask which certificate to present to a website when a certificate is required. | When a website asks for a certificate for user authentication, Firefox must be configured to have the user choose which certificate to present. Websit... |
| V-251548 | | Firefox must be configured to not automatically check for updated versions of installed search plugins. | Updates must be controlled and installed from authorized and trusted servers. This setting overrides a number of other settings that may direct the ap... |
| V-251549 | | Firefox must be configured to not automatically update installed add-ons and plugins. | Set this to false to disable checking for updated versions of the Extensions/Themes. Automatic updates from untrusted sites puts the enclave at risk o... |
| V-251550 | | Firefox must be configured to not automatically execute or download MIME types that are not authorized for auto-download. | Some files can be downloaded or execute without user interaction. This setting ensures these files are not downloaded and executed.... |
| V-251551 | | Firefox must be configured to disable form fill assistance. | To protect privacy and sensitive data, Firefox provides the ability to configure the program so that data entered into forms is not saved. This mitiga... |
| V-251552 | | Firefox must be configured to not use a password store with or without a master password. | Firefox can be set to store passwords for sites visited by the user. These individual passwords are stored in a file and can be protected by a master ... |
| V-251553 | | Firefox must be configured to block pop-up windows. | Pop-up windows may be used to launch an attack within a new browser window with altered settings. This setting blocks pop-up windows created while the... |
| V-251554 | | Firefox must be configured to prevent JavaScript from moving or resizing windows. | JavaScript can make changes to the browser's appearance. This activity can help disguise an attack taking place in a minimized background window. Conf... |
| V-251555 | | Firefox must be configured to prevent JavaScript from raising or lowering windows. | JavaScript can raise and lower browser windows to cause improper input. Configure the browser setting to prevent scripts on visited websites from rais... |
| V-251557 | | Firefox must be configured to disable the installation of extensions. | A browser extension is a program that has been installed into the browser to add functionality. Where a plug-in interacts only with a web page and usu... |
| V-251558 | | Background submission of information to Mozilla must be disabled. | Firefox by default sends information about Firefox to Mozilla servers. There should be no background submission of technical and other information fro... |
| V-251560 | | Firefox must have the DOD root certificates installed. | The DOD root certificates will ensure that the trust chain is established for server certificates issued from the DOD Certificate Authority (CA).... |
| V-251562 | | Firefox must prevent the user from quickly deleting data. | There should not be an option for a user to "forget" work they have done. This is required to meet non-repudiation controls.... |
| V-251563 | | Firefox private browsing must be disabled. | Private browsing allows the user to browse the internet without recording their browsing history/activity. From a forensics perspective, this is unacc... |
| V-251564 | | Firefox search suggestions must be disabled. | Search suggestions must be disabled as this could lead to searches being conducted that were never intended to be made.... |
| V-251566 | | Firefox network prediction must be disabled. | If network prediction is enabled, requests to URLs are made without user consent. The browser should always make a direct DNS request without prefetch... |
| V-251567 | | Firefox fingerprinting protection must be enabled. | The Content Blocking/Tracking Protection feature stops Firefox from loading content from malicious sites. The content might be a script or an image, f... |
| V-251568 | | Firefox cryptomining protection must be enabled. | The Content Blocking/Tracking Protection feature stops Firefox from loading content from malicious sites. The content might be a script or an image, f... |
| V-251569 | | Firefox Enhanced Tracking Protection must be enabled. | Tracking generally refers to content, cookies, or scripts that can collect browsing data across multiple sites.
It is detrimental for applications to... |
| V-251570 | | Firefox extension recommendations must be disabled. | The Recommended Extensions program makes it easier for users to discover extensions that have been reviewed for security, functionality, and user expe... |
| V-251571 | | Firefox deprecated ciphers must be disabled. | A weak cipher is defined as an encryption/decryption algorithm that uses a key of insufficient length. Using an insufficient length for a key in an en... |
| V-251572 | | Firefox must not recommend extensions as the user is using the browser. | The Recommended Extensions program recommends extensions to users as they surf the web.
The user must not be encouraged to install extensions from th... |
| V-251573 | | The Firefox New Tab page must not show Top Sites, Sponsored Top Sites, Pocket Recommendations, Sponsored Pocket Stories, Searches, Highlights, or Snippets. | The New Tab page by default shows a list of built-in top sites, as well as the top sites the user has visited.
It is detrimental for applications to ... |
| V-251577 | | Firefox must be configured so that DNS over HTTPS is disabled. | DNS over HTTPS has generally not been adopted in the DoD. DNS is tightly controlled.
It is detrimental for applications to provide, or install by def... |
| V-251578 | | Firefox accounts must be disabled. | Disable Firefox Accounts integration (Sync).
It is detrimental for applications to provide, or install by default, functionality exceeding requireme... |
| V-251580 | | Firefox feedback reporting must be disabled. | Disable the menus for reporting sites (Submit Feedback, Report Deceptive Site).
It is detrimental for applications to provide, or install by default... |
| V-251581 | | Firefox encrypted media extensions must be disabled. | Enable or disable Encrypted Media Extensions and optionally lock it.
If "Enabled" is set to "false", Firefox does not download encrypted media extens... |
| V-252881 | | Firefox must be configured to not delete data upon shutdown. | For diagnostic purposes, data must remain behind when the browser is closed. This is required to meet non-repudiation controls.... |
| V-252908 | | Pocket must be disabled. | Pocket, previously known as Read It Later, is a social bookmarking service for storing, sharing, and discovering web bookmarks. Data gathering cloud s... |
| V-252909 | | Firefox Studies must be disabled. | Studies try out different features and ideas before they are released to all Firefox users. Testing beta software is not in the DoD user's mission.... |
| V-251559 | | Firefox development tools must be disabled. | Information needed by an attacker to begin looking for possible vulnerabilities in a web browser includes any information about the web browser and pl... |
| V-251565 | | Firefox autoplay must be disabled. | Autoplay allows the user to control whether videos can play automatically (without user consent) with audio content. The user must be able to select c... |
| V-251545 | | The installed version of Firefox must be supported. | Using versions of an application that are not supported by the vendor is not permitted. Vendors respond to security flaws with updates and patches. Th... |
| V-251546 | | Firefox must be configured to allow only TLS 1.2 or above. | Use of versions prior to TLS 1.2 are not permitted. SSL 2.0 and SSL 3.0 contain a number of security flaws. These versions must be disabled in complia... |
