STIGQter: STIG Summary: Cisco ISE NDM Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 13 Apr 2021

The Cisco ISE must be configured with only one local web-based account to be used as the account of last resort in the event the authentication server is unavailable.

DISA Rule

SV-242614r714152_rule

Vulnerability Number

V-242614

Group Title

SRG-APP-000148-NDM-000346

Rule Version

CSCO-NM-000080

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Create a local web-based administrator. ONLY one web-based admin account should exist on the local device. The default CLI account is also local and cannot be removed.

1. Choose Administration >> System >> Admin Access >> Administrators >> Admin Users >> Add.
2. From the drop-down, choose Create an Admin User.
3. Enter the admin name and other information.
4. Add the Super User group.
5. Click "Submit".

Check Contents

View the local admin users.

1. Choose Administration >> System >> Admin Access >> Administrators >> Admin Users >> View.
2. Verify that only two local accounts are defined. Both must be in the Super User group. These users must be the web-based Account of Last Resort and the default CLI admin user.

If the Cisco ISE has unauthorized local users defined, this is a finding.

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

5384

Comments