Check: SRG-APP-000400-DB-000367
Database SRG: SRG-APP-000400-DB-000367 (in versions v4 r2 through v2 r9)
Title
The DBMS must prohibit the use of cached authenticators after an organization-defined time period. (Cat II impact)
Discussion
If cached authentication information is out-of-date, the validity of the authentication information may be questionable.
Check Content
Review system settings to determine whether the organization-defined limit for cached authentication is implemented. If it is not implemented, this is a finding.
Fix Text
Modify system settings to implement the organization-defined limit on the lifetime of cached authenticators.
Additional Identifiers
Rule ID: SV-206601r961521_rule
Vulnerability ID: V-206601
Group Title: SRG-APP-000400
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-002007 | Prohibit the use of cached authenticators after an organization-defined time period. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
IA-5(13) | Expiration of Cached Authenticators |