An error occurred:

Check: ISEC-06-000660

ISEC7 Sphere STIG: ISEC-06-000660 (in version v3 r1)

Title

ISEC7 SPHERE must disable or delete local account created during application installation and configuration. (Cat I impact)

Discussion

The ISEC7 local account password complexity controls do not meet DOD requirements; therefore, admins have the capability to configure the account out of compliance, which could allow attacker to gain unauthorized access to the server and access to command MDM servers.

Check Content

Log in to the ISEC7 SPHERE console. Navigate to Administration >> Configuration >> Account Management >> Users. Select "Edit" next to the local account Admin. Verify "Log in disabled" has been selected. If "Log in disabled" has not been selected, this is a finding.

Fix Text

Log in to the ISEC7 SPHERE console. Navigate to Administration >> Configuration >> Account Management >> Users. Select "Edit" next to the local account Admin. Check "Log in disabled" for the account. Click "Save".

Additional Identifiers

Rule ID: SV-224767r1013815_rule

Vulnerability ID: V-224767

Group Title: SRG-APP-000148

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000764

Uniquely identify and authenticate organizational users and associate that unique identification with processes acting on behalf of those users.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
IA-2

Identification and Authentication (organizational Users)