A KVM switch is cascaded while being attached to ISs of different classification levels.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-6700	KVM02.006.00	SV-6878r1_rule	DCBP-1	Low

Description
Cascading KVM switches, connecting one switch to another switch, can make it difficult to determine which system is current connected to the keyboard, video and mouse by simple observation. In situations where the ISs are of differing classification levels this could lead to the compromise of sensitive or classified data or a denial of service caused by a privileged command being given to the wrong system. When the KVM switch is attached to ISs of different classification levels, the IAO or SA will ensure that no KVM switches are cascaded.

Description

Cascading KVM switches, connecting one switch to another switch, can make it difficult to determine which system is current connected to the keyboard, video and mouse by simple observation. In situations where the ISs are of differing classification levels this could lead to the compromise of sensitive or classified data or a denial of service caused by a privileged command being given to the wrong system. When the KVM switch is attached to ISs of different classification levels, the IAO or SA will ensure that no KVM switches are cascaded.

STIG	Date
Keyboard Video and Mouse Switch STIG	2014-08-04

Details

Check Text ( C-2673r1_chk )
The reviewer will check the connections for the KVM switch to verify that it is not connected to another KVM switch when ISs of different classification levels are attached.

Fix Text (F-6295r1_fix)
Develop a plan to remove all cascaded KVM switches as soon as possible without disrupting production. Connect each IS to a open port on a KVM switch that is in turn only connected to a keyboard, video monitor, and mouse, not to another KVM switch. Obtain CM approval for the plan and execute the plan at the earliest opportunity.