Check: KVM03.007.00
KVM:
KVM03.007.00
(in version v2 r6)
Title
The network attached KVM switch must be configured to restrict a users access only to the systems they require. (Cat III impact)
Discussion
Users accessing ISs they do not need access to can lead to the compromise of sensitive data. The ISSO will ensure the KVM switch is configured to restrict a user’s access to only the systems they require.
Check Content
The reviewer will, with the assistance of the ISSO, try to access a system not allowed to the user signed onto the network attached KVM switch. If the user is able to access any systems, other than required systems, this is a finding.
Fix Text
Reconfigure the network attached KVM switch to restrict users to systems they need to access.
Additional Identifiers
Rule ID: SV-6908r2_rule
Vulnerability ID: V-6711
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |