
Tanium must set an inactive timeout for sessions.


Overview

Finding ID: V-78757
Version: TANS-SV-000067
Rule ID: SV-93463r1_rule
IA Controls: (none listed)
Severity: Medium
Description
Leaving sessions open indefinitely is a major security risk. An attacker can easily use an already authenticated session to access the hosted application as the previously authenticated user. By closing sessions after a set period of inactivity, the web server can make certain that sessions that are not closed through the user logging out of an application are eventually closed. Acceptable values are 5 minutes for high-value applications, 10 minutes for medium-value applications, and 20 minutes for low-value applications.
STIG: Tanium 7.0 Security Technical Implementation Guide
Date: 2018-07-09

Details

Check Text (C-78333r1_chk)
Using a web browser on a system that has connectivity to Tanium, access the Tanium web user interface (UI) and log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console.

Click on "Administration".

Select the "Global Settings" tab.

In the "Show Settings Containing:" search box, type "max_console_idle_seconds" and press Enter.

If no results are returned, this is a finding.

If results are returned for "max_console_idle_seconds", but the value is not "900" or less, this is a finding.
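
The pass/fail logic of the check above, as an added example that is not part of the STIG or of Tanium's tooling. It assumes the Global Settings have already been collected into a list of records with "name" and "value" fields; that record layout and the sample data are constructed for illustration.

```python
# Added example: evaluates the V-78757 check against a list of settings.
# The record layout (dicts with "name" and "value") is an assumption for
# illustration, not Tanium's export or API format.

SETTING = "max_console_idle_seconds"
MAX_IDLE_SECONDS = 900  # threshold from the Check Text


def evaluate(settings):
    """Return (is_finding, reason) for the check described above."""
    # The console search box matches substrings; the check is about the
    # exact setting name, so filter on equality.
    matches = [s for s in settings if s.get("name") == SETTING]
    if not matches:
        return True, f"{SETTING} is not defined"
    reasons = []
    for s in matches:
        raw = str(s.get("value", "")).strip()
        try:
            value = int(raw)
        except ValueError:
            # Assumption: a value that is not an integer cannot satisfy
            # a numeric threshold, so it is reported as a finding.
            reasons.append(f"value {raw!r} is not numeric")
            continue
        if value > MAX_IDLE_SECONDS:
            reasons.append(f"value {value} exceeds {MAX_IDLE_SECONDS}")
    if reasons:
        return True, "; ".join(reasons)
    return False, f"{SETTING} is {MAX_IDLE_SECONDS} or less"


# Constructed sample inputs (not taken from a real Tanium server).
SAMPLES = {
    "missing": [{"name": "console_other_setting", "value": "1"}],
    "too_long": [{"name": SETTING, "value": "3600"}],
    "compliant": [{"name": SETTING, "value": "900"}],
    "similar_name_only": [{"name": SETTING + "_backup", "value": "600"}],
    "not_numeric": [{"name": SETTING, "value": "15m"}],
}

if __name__ == "__main__":
    for label, settings in SAMPLES.items():
        finding, reason = evaluate(settings)
        print(f"{label:18} {'FINDING' if finding else 'not a finding'}: {reason}")
```
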
Fix Text (F-85499r1_fix)
Using a web browser on a system that has connectivity to Tanium, access the Tanium web UI and log on with CAC.

Click on the navigation button (hamburger menu) on the top left of the console and then click on "Administration".

Select the "Global Settings" tab.

Click on "New Setting".

In the "New System Setting" dialog box, enter "max_console_idle_seconds" for "Setting Name:".

Enter "900" for "Setting Value:".

Select "Server" from the "Affects" drop-down list.

Select "Numeric" from the "Value Type" drop-down list.

Click "Save".

If "max_console_idle_seconds" exists but is not "900" or less, select the box beside the value and click "Edit".

Enter "900" or less for "Setting Value:".

Click "Save".