Check: SRG-APP-000296-NDM-000280
Network Device Management SRG:
SRG-APP-000296-NDM-000280
(in versions v4 r3 through v3 r3)
Title
The network device must be configured to provide a logout mechanism for administrator-initiated communication sessions. (Cat II impact)
Discussion
If an administrator cannot explicitly end a device management session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session.
Check Content
Review the network device configuration to determine if it is configured to enable a logout for administrator-initiated communication sessions. If the network device is not configured to provide a logout mechanism for these sessions, this is a finding.
Fix Text
Configure the network device to provide a logout capability for administrator-initiated communication sessions.
Additional Identifiers
Rule ID: SV-202085r879674_rule
Vulnerability ID: V-202085
Group Title: SRG-APP-000296
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002363 |
The information system provides a logout capability for user-initiated communications sessions whenever authentication is used to gain access to organization-defined information resources. |
Controls
Number | Title |
---|---|
AC-12 (1) |
User-Initiated Logouts / Message Displays |