Check: SRG-APP-000400-DB-000367
Database SRG:
SRG-APP-000400-DB-000367
(in versions v3 r4 through v2 r10)
Title
The DBMS must prohibit the use of cached authenticators after an organization-defined time period. (Cat II impact)
Discussion
If cached authentication information is out-of-date, the validity of the authentication information may be questionable.
Check Content
Review system settings to determine whether the organization-defined limit for cached authentication is implemented. If it is not implemented, this is a finding.
Fix Text
Modify system settings to implement the organization-defined limit on the lifetime of cached authenticators.
Additional Identifiers
Rule ID: SV-206601r879773_rule
Vulnerability ID: V-206601
Group Title: SRG-APP-000400
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-002007 |
The information system prohibits the use of cached authenticators after an organization-defined time period. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| IA-5 (13) |
Expiration Of Cached Authenticators |