Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Management connections to the IDPS must require authentication.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000139-IDPS-000131 | SRG-NET-000139-IDPS-000131 | SRG-NET-000139-IDPS-000131_rule | Medium |
| Description |
|---|
| Devices protected with weak password schemes or no password at all, provide the opportunity for anyone to crack the password or gain access to the device and cause network, device, or information damage or denial of service. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43264_chk ) |
|---|
| Attempt to login to the GUI to verify access required authentication. Attempt to login using SSH to verify access requires authentication. If all management connections to the device require authentication, this is a finding. |
| Fix Text (F-43264_fix) |
|---|
| Configure all GUI and SSH access to require authentication prior to granting access. |