Title

Crash-restart vulnerabilities are present on the DSN system component. (Cat II impact)

Discussion

Requirement: The IAO will ensure that tests are performed for crash-restart vulnerabilities and develop procedures to eliminate vulnerabilities found (i.e., ensure ENHANCED_PASSWORD_CONTROL is active to prevent system logons after restart on Nortel switches). Some systems reset to default settings (i.e. users names, passwords, user access privileges) when a re-boot is initiated. If this is the case and a restart occurs and action is not taken to reset default settings, the risk is increased for unauthorized access.

Check Content

ensure ENHANCED_PASSWORD_CONTROL is active to prevent system logons after restart on Nortel switches

Fix Text

Implement processes / procedures, generate documents, and/or adjust configuration(s) / architecture, as necessary to comply with policy.

Additional Identifiers

Rule ID: SV-8456r1_rule

Vulnerability ID: V-7970

Group Title: Crash-restart vulnerabilities are present.

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.