STIGQter: STIG Summary: HP FlexFabric Switch NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020:

The HP FlexFabric Switch must enforce the assigned privilege level for each administrator and authorizations for access to all commands relative to the privilege level in accordance with applicable policy for the device.

DISA Rule

SV-80641r1_rule

Vulnerability Number

V-66151

Group Title

SRG-APP-000033-NDM-000212

Rule Version

HFFS-ND-000013

Severity

CAT I

CCI(s)

• CCI-000213 - The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Weight

10

Fix Recommendation

Configure the HP FlexFabric Switch to enforce the assigned privilege level for each administrator and authorizations for access to all commands relative to the privilege level in accordance with applicable policy for the switch.

[HP] local-user admin
[HP-luser-manage-admin]
[HP-luser-manage-admin]authorization-attribute user-role network-admin

Check Contents

Determine if the HP FlexFabric Switch is configured to enforce the assigned privilege level for each administrator and authorizations for access to all commands relative to the privilege level in accordance with applicable policy for the switch.

[HP] display local-user

Device management user admin:
State: Active
Service type: SSH/Telnet/Terminal
User group: system
Bind attributes:
Authorization attributes:
Work directory: flash:
User role list: network-admin

Password control configurations:

If the HP FlexFabric Switch does not enforce the assigned privilege level for each administrator and authorizations for access to all commands relative to the privilege level, this is a finding.

Vulnerability Number

V-66151

Documentable

False

Rule Version

HFFS-ND-000013

Severity Override Guidance

Determine if the HP FlexFabric Switch is configured to enforce the assigned privilege level for each administrator and authorizations for access to all commands relative to the privilege level in accordance with applicable policy for the switch.

[HP] display local-user

Device management user admin:
State: Active
Service type: SSH/Telnet/Terminal
User group: system
Bind attributes:
Authorization attributes:
Work directory: flash:
User role list: network-admin

Password control configurations:

If the HP FlexFabric Switch does not enforce the assigned privilege level for each administrator and authorizations for access to all commands relative to the privilege level, this is a finding.

Check Content Reference

M

Target Key

2971

Comments