Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6683 | KVM01.009.00 | SV-6845r2_rule | DCBP-1 | Medium |
Description |
---|
There are many "hot key" features that could be used. Since each vender has a different set of features and it is impractical to review all features from all venders for potential vulnerabilities, no features other than the ability to bring up a menu of the ISs available on the KVM switch to allow the user to select which IS they wish to display will be enabled. Additional features will be approved if requested and time is available to review the feature and its implementation. The ISSO or SA will ensure the only “hot key” feature enabled is the menu feature that allows the user to select the IS to be used from the displayed menu. |
STIG | Date |
---|---|
Keyboard Video and Mouse Switch STIG | 2015-12-09 |
Check Text ( C-2633r2_chk ) |
---|
The reviewer will, with the assistance of the ISSO or SA, verify the only “hot key” feature enabled is the menu feature that allows the user to select the IS to be used from the displayed menu. If the configuration cannot be protected, this is a finding. |
Fix Text (F-6273r1_fix) |
---|
Disable any unauthorized "hot key" features in the KVM switch's configuration. |