Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
ISEC7 EMM Suite must disable or delete local account created during application installation and configuration.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-224767 | ISEC-06-000660 | SV-224767r505933_rule | High |
| Description |
|---|
| The ISEC7 local account password complexity controls do not meet DoD requirements; therefore, admins have the capability to configure the account out of compliance, which could allow attacker to gain unauthorized access to the server and access to command MDM servers. |
| STIG | Date |
|---|---|
| ISEC7 Sphere Security Technical Implementation Guide | 2020-09-04 |
Details
| Check Text ( C-26458r461557_chk ) |
|---|
| Log in to the ISEC7 EMM Suite console. Navigate to Administration >> Configuration >> Account Management >> Users. Select Edit next to the local account Admin. Verify Login disabled has been selected. If Login disabled has not been selected, this is a finding. |
| Fix Text (F-26446r461558_fix) |
|---|
| Log in to the ISEC7 EMM Suite console. Navigate to Administration >> Configuration >> Account Management >> Users. Select Edit next to the local account Admin. Check Login disabled for the account. Click Save. |