STIGQter: STIG Summary: A10 Networks ADC NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 15 Apr 2016:

The A10 Networks ADC must not use the default admin account.

DISA Rule

SV-82541r1_rule

Vulnerability Number

V-68051

Group Title

SRG-APP-000148-NDM-000246

Rule Version

AADC-NM-000048

Severity

CAT I

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

The following command changes the admin password for the account "admin" to the character string entered:
admin admin password [newpassword]
The prompt will change to show that the admin account is being configured.

The following command disables the account:
disable

Check Contents

Attempt to log on to the device using the default administrator logon and password.

If the logon is successful, this is a finding.

Review the device configuration.

The following command shows all of the configured accounts on the device:
show admin

If the admin account is enabled, this is a finding.

Vulnerability Number

V-68051

Documentable

False

Rule Version

AADC-NM-000048

Severity Override Guidance

Attempt to log on to the device using the default administrator logon and password.

If the logon is successful, this is a finding.

Review the device configuration.

The following command shows all of the configured accounts on the device:
show admin

If the admin account is enabled, this is a finding.

Check Content Reference

M

Target Key

2915

Comments