STIGQter: STIG Summary: Unified Endpoint Management Server Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The UEM server must require the change of at least 15 of the total number of characters when passwords are changed.

DISA Rule

SV-234373r617355_rule

Vulnerability Number

V-234373

Group Title

SRG-APP-000170

Rule Version

SRG-APP-000170-UEM-000100

Severity

CAT II

CCI(s)

• CCI-000195 - The information system, for password-based authentication, when new passwords are created, enforces that at least an organization-defined number of characters are changed.

Weight

10

Fix Recommendation

Configure the UEM server to require the change of at least 15 of the total number of characters when passwords are changed.

Check Contents

Verify the UEM server requires the change of at least 15 of the total number of characters when passwords are changed.

If the UEM server does not require the change of at least 15 of the total number of characters when passwords are changed, this is a finding.

Vulnerability Number

V-234373

Documentable

False

Rule Version

SRG-APP-000170-UEM-000100

Severity Override Guidance

Verify the UEM server requires the change of at least 15 of the total number of characters when passwords are changed.

If the UEM server does not require the change of at least 15 of the total number of characters when passwords are changed, this is a finding.

Check Content Reference

M

Target Key

5269

Comments