STIGQter STIGQter: STIG Summary: Cisco IOS XE Router NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020: The Cisco router must only store cryptographic representations of passwords.

DISA Rule

SV-105403r1_rule

Vulnerability Number

V-96265

Group Title

SRG-APP-000171-NDM-000258

Rule Version

CISC-ND-000620

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Configure the router to encrypt all passwords.

R4(config)#service password-encryption
R4(config)#end

Check Contents

Review the router configuration to determine if passwords are encrypted as shown in the example below.

service password-encryption

If the router is not configured to encrypt passwords, this is a finding.

Vulnerability Number

V-96265

Documentable

False

Rule Version

CISC-ND-000620

Severity Override Guidance

Review the router configuration to determine if passwords are encrypted as shown in the example below.

service password-encryption

If the router is not configured to encrypt passwords, this is a finding.

Check Content Reference

M

Target Key

3473

Comments