STIGQter: STIG Summary: HP FlexFabric Switch NDM Security Technical Implementation Guide, Version: 1, Release: 3, Benchmark Date: 24 Jul 2020

The HP FlexFabric Switch must have a local account that will only be used as an account of last resort with full access to the network device.

DISA Rule

SV-80785r1_rule

Vulnerability Number

V-66295

Group Title

SRG-APP-000516-NDM-000341

Rule Version

HFFS-ND-000140

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Configure the switch with a local user account that has the network-admin and network-operator roles:
[5900]local-user adminxxx
[5900-luser-manage-adminxxx]authorization-attribute user-role network-admin (or level=15)
[5900-luser-manage-adminxxx]authorization-attribute user-role network-operator
[5900-luser-manage-adminxxx]service-type terminal
[5900-luser-manage-adminxxx]password hash xxxxxxxxxxxxxx

Check Contents

Verify that the switch is configured with a local user that has full access by entering the following command: display local-user user-name <name of user account>.

The user role list should contain the following: network-admin, network-operator

If the switch does not have a local user with full access, this is a finding.

Documentable

False

Severity Override Guidance

Verify that the switch is configured with a local user that has full access by entering the following command: display local-user user-name <name of user account>.

The user role list should contain the following: network-admin, network-operator

If the switch does not have a local user with full access, this is a finding.

Check Content Reference

M

Target Key

2971
