The HYCU virtual appliance must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-268274 | HYCU-ND-000670 | SV-268274r1038763_rule | Medium |
| Description |
| Authentication for administrative (privileged level) access to the device is required at all times. An account can be created on the device's local database for use when the authentication server is down or connectivity between the device and the authentication server is not operable. This account is referred to as the account of last resort since it is intended to be used as a last resort and when immediate administrative access is absolutely necessary. |
| STIG | Date |
| HYCU Protege Security Technical Implementation Guide | 2024-10-29 |
Details
| Check Text (C-72295r1038761_chk) |
| Log in to HYCU UI and ensure that admin user is the only user configured with HYCU Authentication type. If any other user except for built-in admin is configured with HYCU Authentication type, this is a finding. Log in to HYCU console, run the command "cat /etc/passwd" within the HYCU console and ensure no nondefault user account configured. If any other user apart from HYCU user is configured to access HYCU console, this is a finding. |
| Fix Text (F-72198r1038762_fix) |
| Log in to the HYCU Web UI, select Self-Service on the left menu. Then select Manage Users. Delete all users configured with HYCU Authentication type except from the built-in admin user. To check for any unauthorized users on the VM Console, run the following command: cat /etc/passwd Use the "userdel" command to remove any unauthorized users. |