Check: CNTR-PC-000590
Palo Alto Networks Prisma Cloud Compute STIG: CNTR-PC-000590 (in versions v1 r3 through v1 r1)
Title
Prisma Cloud Compute must be configured with unique user accounts. (Cat II impact)
Discussion
Sharing accounts, such as group accounts, reduces the accountability and integrity of Prisma Cloud Compute.
Check Content
Navigate to Prisma Cloud Compute Console's Manage >> Authentication >> Users tab. Review the accounts for uniqueness. If there are shared local accounts, this is a finding.
Fix Text
Navigate to Prisma Cloud Compute Console's Manage >> Authentication >> Users tab. Delete shared accounts and create a unique account for every Prisma Cloud Compute user.

Delete shared accounts:
- Click the three-dot menu.
- Click "Delete" and confirm "Delete User".

Create a local user account where the local user account is unique:
- Click "+Add user".
- Complete the form and click "Save".
Additional Identifiers
Rule ID: SV-253537r879594_rule
Vulnerability ID: V-253537
Group Title: SRG-APP-000153-CTR-000375
CCIs
Number | Definition |
---|---|
CCI-000770 | The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed. |
Controls
Number | Title |
---|---|
IA-2 (5) | Group Authentication |