Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-4582 | NET1623 | SV-19270r3_rule | IAIA-1 IAIA-2 | High |
Description |
---|
Network devices with no password for administrative access via the console provide the opportunity for anyone with physical access to the device to make configuration changes enabling them to disrupt network operations resulting in a network outage. |
STIG | Date |
---|---|
Perimeter Router Security Technical Implementation Guide Cisco | 2016-01-04 |
Check Text ( C-20059r3_chk ) |
---|
Review the network device's configuration and verify authentication is required for console access. If the device is accessed via the aux port, then verify that this port also requires authentication. If it is not used, then it must be disabled. The console port and the disabled aux port should look similar to the configuration example below that references an authentication list configured as AUTH_LIST. line con 0 login authentication AUTH_LIST exec-timeout 10 0 line aux 0 no exec |
Fix Text (F-4515r4_fix) |
---|
Configure authentication for console access on the network device. |