Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6638 | SAN04.015.00 | SV-6780r1_rule | IAIA-1 IAIA-2 | Low |
Description |
---|
If the manufacturer's default PKI keys are allowed to remain active on the device, it can be accessed by a malicious individual with access to the default key. The IAO/NSO will ensure that the manufacturer’s default PKI keys are changed prior to attaching the switch to the SAN Fabric. |
STIG | Date |
---|---|
Storage Area Network STIG | 2018-10-03 |
Check Text ( C-2548r1_chk ) |
---|
The reviewer will, with the assistance of the IAO/NSO, verify that the manufacturer’s default PKI keys have been changed prior to attaching the switch to the SAN Fabric. |
Fix Text (F-6237r1_fix) |
---|
Depending on the functionality allowed by the device, develop a plan remove, disable or change the manufacturer’s default PKI certificate so that it cannot be used for identification and authorization. Obtain CM approval for the plan and implement the plan. |