STIGQter: STIG Summary: CA API Gateway NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 19 Sep 2016:

The CA API Gateway must not have any default manufacturer passwords when deployed.

DISA Rule

SV-86151r1_rule

Vulnerability Number

V-71527

Group Title

SRG-APP-000080-NDM-000345

Rule Version

CAGW-DM-000140

Severity

CAT II

CCI(s)

• CCI-002041 - The information system allows the use of a temporary password for system logons with an immediate change to a permanent password.

Weight

10

Fix Recommendation

Use the "passwd" command to set non-default passwords.

Check Contents

Verify login as "root" (at the console) and "ssgconfig" have non-default passwords.

The default password for "root" is "7layer" and the default password for "ssgconfig" is "7layer".

If root or ssgconfig use default passwords, this is a finding.

Vulnerability Number

V-71527

Documentable

False

Rule Version

CAGW-DM-000140

Severity Override Guidance

Verify login as "root" (at the console) and "ssgconfig" have non-default passwords.

The default password for "root" is "7layer" and the default password for "ssgconfig" is "7layer".

If root or ssgconfig use default passwords, this is a finding.

Check Content Reference

M

Target Key

3051

Comments