UCF STIG Viewer Logo

Management connections to the IDPS must require authentication.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000139-IDPS-000131 SRG-NET-000139-IDPS-000131 SRG-NET-000139-IDPS-000131_rule Medium
Description
Devices protected with weak password schemes or no password at all, provide the opportunity for anyone to crack the password or gain access to the device and cause network, device, or information damage or denial of service.
STIG Date
IDPS Security Requirements Guide (SRG) 2012-03-08

Details

Check Text ( C-43264_chk )
Attempt to login to the GUI to verify access required authentication.
Attempt to login using SSH to verify access requires authentication.

If all management connections to the device require authentication, this is a finding.
Fix Text (F-43264_fix)
Configure all GUI and SSH access to require authentication prior to granting access.