STIGQter: STIG Summary: SDN Controller Security Requirements Guide Version: 1 Release: 2 Benchmark Date: 24 Apr 2020:

The SDN controller must be configured to prohibit user installation of software without explicit privileged status.

DISA Rule

SV-95519r1_rule

Vulnerability Number

V-80809

Group Title

SRG-NET-000512

Rule Version

SRG-NET-000512-SDN-001090

Severity

CAT II

CCI(s)

• CCI-001812 - The information system prohibits user installation of software without explicit privileged status.

Weight

10

Fix Recommendation

Document the approval for non-administrative users who require the ability to install, modify, or replace software modules within the SDN controller framework. Configure the SDN controller to revoke the installation of software modules by any unapproved permissions or access levels.

Check Contents

Review documentation of non-administrative users who have been given access permissions to install, modify, or replace software modules within the SDN controller framework. Review the SDN controller configuration to determine that only authorized users have the permissions to install, modify, or replace software modules.

If the SDN controller is not configured to revoke unauthorized attempts to install, modify, or replace software modules, this is a finding.

Vulnerability Number

V-80809

Documentable

False

Rule Version

SRG-NET-000512-SDN-001090

Severity Override Guidance

Review documentation of non-administrative users who have been given access permissions to install, modify, or replace software modules within the SDN controller framework. Review the SDN controller configuration to determine that only authorized users have the permissions to install, modify, or replace software modules.

If the SDN controller is not configured to revoke unauthorized attempts to install, modify, or replace software modules, this is a finding.

Check Content Reference

M

Target Key

3333

Comments