Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-3175 | NET1636 | SV-15448r4_rule | | High |
Description |
---|
Network devices with no password for administrative access via a management connection allow anyone with network access to the device to make configuration changes, enabling them to disrupt network operations and cause a network outage. |
STIG | Date |
---|---|
Perimeter L3 Switch Security Technical Implementation Guide - Cisco | 2018-08-22 |
Check Text ( C-12913r8_chk ) |
---|
Review the network device configuration to verify all management connections for administrative access require authentication.

```
aaa authentication login AUTH_LIST group tacacs+ local
!
line vty 0 4
 login authentication AUTH_LIST
 exec-timeout 10 0
 transport input ssh
```

Or using the default method list as shown in the example below.

```
aaa authentication login default group tacacs+ local
!
line vty 0 4
 exec-timeout 10 0
 transport input ssh
```
Fix Text (F-3200r3_fix) |
---|
Configure authentication for all management connections. |
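The check text above can be automated against a saved configuration. The following is an added example, not part of the STIG: a hypothetical `audit_line_auth` function that assumes IOS-style running-config text with indented sub-commands and AAA in use, and reports every `line` block that has `no login`, references an undefined method list, or relies on a list containing the `none` method. Legacy `login` and `login local` are accepted without checking that a password is set.

```python
import re

# Constructed sample (not from a real device): the page's AUTH_LIST example plus three failing lines.
SAMPLE = """\
aaa new-model
aaa authentication login AUTH_LIST group tacacs+ local
!
line con 0
 no login
line aux 0
 login authentication MISSING
line vty 0 4
 login authentication AUTH_LIST
line vty 5 15
 transport input ssh
"""

def audit_line_auth(config):
    """Return one finding per 'line' block whose login is not authenticated."""
    lists, blocks, current = {}, [], None
    for raw in config.splitlines():
        text = raw.strip()
        if not text or text == "!":
            current = None                      # separator ends the current block
        elif raw[0].isspace():
            if current is not None:
                current.append(text)            # sub-command of a line block
        else:
            current = None
            m = re.match(r"aaa authentication login (\S+) (.+)", text)
            if m:
                lists[m.group(1)] = m.group(2).split()
            elif text.startswith("line "):
                current = []
                blocks.append((text, current))
    findings = []
    for header, cmds in blocks:
        named = [c.split()[2] for c in cmds if c.startswith("login authentication ")]
        name = named[-1] if named else "default"   # no explicit list: default list applies
        methods = lists.get(name)
        if "no login" in cmds:
            findings.append(f"{header}: 'no login' disables authentication")
        elif "login" in cmds or "login local" in cmds:
            continue                            # legacy non-AAA login, accepted here
        elif methods is None:
            findings.append(f"{header}: method list '{name}' is not defined")
        elif "none" in methods:
            findings.append(f"{header}: method list '{name}' allows 'none'")
    return findings
```

An empty result means every management line in the file maps to a defined method list; any finding is a line to review against this rule.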