STIGQter: STIG Summary: A10 Networks ADC NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 15 Apr 2016:

Operators of the A10 Networks ADC must not use the Telnet client built into the device.

DISA Rule

SV-82577r1_rule

Vulnerability Number

V-68087

Group Title

SRG-APP-000411-NDM-000330

Rule Version

AADC-NM-000118

Severity

CAT II

CCI(s)

• CCI-002890 - The information system implements cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications.

Weight

10

Fix Recommendation

The device has a Telnet client that is available at the privileged exec level. Do not use it; use SSH from a management workstation instead.

Check Contents

Determine if any operators have used Telnet. Evidence of the use of Telnet will be in the audit log.

The following command shows any instances of the word "telnet" in the audit log:
show audit | inc telnet

If the log shows the use of the Telnet command, this is a finding.

Vulnerability Number

V-68087

Documentable

False

Rule Version

AADC-NM-000118

Severity Override Guidance

Determine if any operators have used Telnet. Evidence of the use of Telnet will be in the audit log.

The following command shows any instances of the word "telnet" in the audit log:
show audit | inc telnet

If the log shows the use of the Telnet command, this is a finding.

Check Content Reference

M

Target Key

2915

Comments