Check: KVM03.006.00
KVM:
KVM03.006.00
(in version v2 r6)
Title
Group or shared user ids must not be used on a network attached KVM switch. (Cat I impact)
Discussion
Usage of group or shared user ids makes it impossible to attribute an action to the originating user. In the case of a malicious action this could make prosecution impossible. The ISSO will ensure group or shared user ids are not used.
Check Content
The reviewer will interview the ISSO and verify that group or shared user ids are not being used. If group or shared user ids are being used, this is a finding.
Fix Text
Remove the shared or group user ids and issue individual user ids to each user that requires access to the network attached KVM switch.
Additional Identifiers
Rule ID: SV-6907r2_rule
Vulnerability ID: V-6710
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |