STIGQter: STIG Summary: DBN-6300 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 12 Sep 2017:

The DBN-6300 must enforce a 60-day maximum password lifetime restriction.

DISA Rule

SV-91669r1_rule

Vulnerability Number

V-76973

Group Title

SRG-APP-000174-NDM-000261

Rule Version

DBNW-DM-000065

Severity

CAT II

CCI(s)

• CCI-000199 - The information system enforces maximum password lifetime restrictions.

Weight

10

Fix Recommendation

Set the password-maxAge variable within the DBN-6300 through the CLI.

This value is set with the following registry entry in the CLI:
reg set /sysconfig/auth/01 {"stores": {"local": {"policies": {"passwordExpire": {"maxAge": 216000,"action": "reject"}}}}}

Check Contents

To see if the system requires a maximum password lifetime attempt to login with a user who has had their password set longer then password lifetime setting.

If a user is able to log in successfully, this is a finding.

Vulnerability Number

V-76973

Documentable

False

Rule Version

DBNW-DM-000065

Severity Override Guidance

To see if the system requires a maximum password lifetime attempt to login with a user who has had their password set longer then password lifetime setting.

If a user is able to log in successfully, this is a finding.

Check Content Reference

M

Target Key

2947

Comments