STIGQter: STIG Summary: DBN-6300 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

The DBN-6300 must enforce 24 hours/1 day as the minimum password lifetime.

DISA Rule

SV-91667r1_rule

Vulnerability Number

V-76971

Group Title

SRG-APP-000173-NDM-000260

Rule Version

DBNW-DM-000064

Severity

CAT II

CCI(s)

CCI-000198 - The information system enforces minimum password lifetime restrictions.

Weight

Fix Recommendation

Set the password-minAge variable within the DBN-6300 through the CLI.

This value is set with the following registry entry in the CLI:
reg set /sysconfig/auth/01 {"stores": {"local": {"policies": {"passwordReuse": {"check": true, "minAge": 3600 }}}}}

Check Contents

To see if the system requires a minimum password lifetime attempt to change your password two times quickly.

If the user is able to change their password the second time, this is a finding.

Vulnerability Number

V-76971

Documentable

False

Rule Version

DBNW-DM-000064

Severity Override Guidance

To see if the system requires a minimum password lifetime attempt to change your password two times quickly.

If the user is able to change their password the second time, this is a finding.

Check Content Reference

Target Key

2947

The DBN-6300 must enforce 24 hours/1 day as the minimum password lifetime.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments