STIGQter: STIG Summary: Citrix Virtual Apps and Desktop 7.x Linux Virtual Delivery Agent Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Jan 2021:

The application must limit the number of concurrent sessions to three.

DISA Rule

SV-234255r628796_rule

Vulnerability Number

V-234255

Group Title

SRG-APP-000001

Rule Version

LVDA-VD-000005

Severity

CAT II

CCI(s)

• CCI-000054 - The information system limits the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number of sessions.

Weight

10

Fix Recommendation

Open Citrix Studio, select "Policy Panel", check for Computer Policies.

Maximum number of sessions (MaximumNumberOfSessions) policy set to "ENABLED" and limit set to "3".

Check Contents

Open Citrix Studio, select "Policy Panel", check for Computer Policies.

Maximum number of sessions (MaximumNumberOfSessions) policy is "ENABLED" and explicitly applied to Linux Desktop/Application Delivery Groups.

If Maximum Number of Sessions policy is "DISABLED" or limit not set to "3", this is a finding.

Vulnerability Number

V-234255

Documentable

False

Rule Version

LVDA-VD-000005

Severity Override Guidance

Open Citrix Studio, select "Policy Panel", check for Computer Policies.

Maximum number of sessions (MaximumNumberOfSessions) policy is "ENABLED" and explicitly applied to Linux Desktop/Application Delivery Groups.

If Maximum Number of Sessions policy is "DISABLED" or limit not set to "3", this is a finding.

Check Content Reference

M

Target Key

5266

Comments