Check: SRG-APP-000005-NDM-000204
Network Device Management SRG: SRG-APP-000005-NDM-000204 (in versions v4 r3 through v2 r7)
Title
The network device must retain the session lock until the administrator reestablishes access using established identification and authentication procedures. (Cat II impact)
Discussion
A session lock is a temporary network device or administrator-initiated action taken when the administrator stops work but does not log out of the network device. Once invoked, the session lock shall remain in place until the administrator re-authenticates. No other system activity aside from re-authentication shall unlock the management session.
Check Content
Review the network device configuration to determine if the device retains session lock until the administrator re-authenticates. This may be verified by configuration check, demonstration, or other validation test results. If the device does not require re-authentication before releasing the session lock, this is a finding.
Fix Text
Configure the network device to retain session lock until the administrator re-authenticates.
Additional Identifiers
Rule ID: SV-202009r879515_rule
Vulnerability ID: V-202009
Group Title: SRG-APP-000005
CCIs
Number | Definition |
---|---|
CCI-000056 | The information system retains the session lock until the user reestablishes access using established identification and authentication procedures. |
Controls
Number | Title |
---|---|
AC-11 | Session Lock |