An error occurred:

Check: SRG-APP-000815-WSR-000160

Web Server SRG: SRG-APP-000815-WSR-000160 (in versions v4 r2 through v4 r1)

Title

The web server must require users to be individually authenticated before granting access to the shared accounts or resources. (Cat II impact)

Discussion

Individual authentication prior to shared group authentication mitigates the risk of using group accounts or authenticators.

Check Content

Verify the web server is configured to require users to be individually authenticated before granting access to the shared accounts or resources. If the web server is not configured to require users to be individually authenticated before granting access to the shared accounts or resources, this is a finding.

Fix Text

Configure the web server to require users to be individually authenticated before granting access to the shared accounts or resources.

Additional Identifiers

Rule ID: SV-264342r984371_rule

Vulnerability ID: V-264342

Group Title: SRG-APP-000815

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-004045

Require users to be individually authenticated before granting access to the shared accounts or resources.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check