STIGQter STIGQter: STIG Summary: Cisco IOS XR Router NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jan 2020: The Cisco router must be configured to limit the number of concurrent management sessions to an organization-defined number.

DISA Rule

SV-105509r1_rule

Vulnerability Number

V-96371

Group Title

SRG-APP-000001-NDM-000200

Rule Version

CISC-ND-000010

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the router to limit the number of concurrent management sessions to an organization-defined number as shown in the example below.

RP/0/0/CPU0:R3(config)#ssh server session-limit 2

Check Contents

Note: This requirement is not applicable to file transfer actions such as FTP, SCP and SFTP.

Review the router configuration to determine if concurrent management sessions are limited as show in the example below:

ssh server session-limit 2

If the router is not configured to limit the number of concurrent management sessions, this is a finding.

Vulnerability Number

V-96371

Documentable

False

Rule Version

CISC-ND-000010

Severity Override Guidance

Note: This requirement is not applicable to file transfer actions such as FTP, SCP and SFTP.

Review the router configuration to determine if concurrent management sessions are limited as show in the example below:

ssh server session-limit 2

If the router is not configured to limit the number of concurrent management sessions, this is a finding.

Check Content Reference

M

Target Key

3475

Comments