UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Crash-restart vulnerabilities are present on the DSN system component.


Overview

Finding ID Version Rule ID IA Controls Severity
V-7970 DSN13.15 SV-8456r1_rule ECSC-1 Medium
Description
Requirement: The IAO will ensure that tests are performed for crash-restart vulnerabilities and develop procedures to eliminate vulnerabilities found (i.e., ensure ENHANCED_PASSWORD_CONTROL is active to prevent system logons after restart on Nortel switches). Some systems reset to default settings (i.e. users names, passwords, user access privileges) when a re-boot is initiated. If this is the case and a restart occurs and action is not taken to reset default settings, the risk is increased for unauthorized access.
STIG Date
Defense Switched Network (DSN) STIG 2015-06-30

Details

Check Text ( C-4163r1_chk )
ensure ENHANCED_PASSWORD_CONTROL is active to prevent system logons after restart on Nortel switches
Fix Text (F-7968r1_fix)
Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy.