STIGQter: STIG Summary: Cisco ISE NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 13 Apr 2021:

The Cisco ISE must only allow authorized administrators to view or change the device configuration, system files, and other files stored.

DISA Rule

SV-242659r720805_rule

Vulnerability Number

V-242659

Group Title

SRG-APP-000231-NDM-000271

Rule Version

CSCO-NM-000540

Severity

CAT I

CCI(s)

• CCI-001199 - The information system protects the confidentiality and/or integrity of organization-defined information at rest.

Weight

10

Fix Recommendation

Create a local web-based administrator. ONLY one web-based admin account should exist on the local device. The default CLI account is also local and cannot be removed.

1. Choose Administration >> System >> Admin Access >> Administrators >> Admin Users >> Add.
2. From the drop-down, choose "Create an Admin User".
3. Enter the admin name and other information.
4. Add the Super User group.
5. Click "Submit".

Check Contents

View the local admin users.

1. Choose Administration >> System >> Admin Access >> Administrators >> Admin Users >>View.
2. Verify there are only two local accounts are defined. Both must be in the Super User group. These users must be the web-based Account of Last Resort and the default CLI admin user.

If the Cisco ISE has unauthorized local users defined, this is a finding.

Vulnerability Number

V-242659

Documentable

False

Rule Version

CSCO-NM-000540

Severity Override Guidance

View the local admin users.

1. Choose Administration >> System >> Admin Access >> Administrators >> Admin Users >>View.
2. Verify there are only two local accounts are defined. Both must be in the Super User group. These users must be the web-based Account of Last Resort and the default CLI admin user.

If the Cisco ISE has unauthorized local users defined, this is a finding.

Check Content Reference

M

Target Key

5384

Comments