STIGQter STIGQter: STIG Summary: Cisco ISE NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 13 Apr 2021:

The Cisco ISE must enforce access restrictions associated with changes to the firmware, OS, and hardware components.

DISA Rule

SV-242632r714206_rule

Vulnerability Number

V-242632

Group Title

SRG-APP-000516-NDM-000335

Rule Version

CSCO-NM-000260

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

1. Choose Administration >> System >> Admin Access >> Administrators >> Admin Groups.
2. Review the users for the groups with edit access such as Helpdesk Admin, Network Device Admin, SuperAdmin, and System Admin at a minimum.
3. To delete users from the admin group, check the check box corresponding to the user that you want to delete, and click "Remove".
4. Click "Submit".

Check Contents

Determine if groups with access such as Helpdesk Admin, Network Device Admin, SuperAdmin, and System Admin (at a minimum) are assigned unauthorized users.

1. Choose Administration >> System >> Admin Access >> Administrators >> Admin Groups.
2. Review the users for the groups with edit access such as Helpdesk Admin, Network Device Admin, SuperAdmin, and System Admin at a minimum.

If the Cisco ISE does not enforce access restrictions associated with changes to the firmware, OS, and hardware components, this is a finding.

Vulnerability Number

V-242632

Documentable

False

Rule Version

CSCO-NM-000260

Severity Override Guidance

Determine if groups with access such as Helpdesk Admin, Network Device Admin, SuperAdmin, and System Admin (at a minimum) are assigned unauthorized users.

1. Choose Administration >> System >> Admin Access >> Administrators >> Admin Groups.
2. Review the users for the groups with edit access such as Helpdesk Admin, Network Device Admin, SuperAdmin, and System Admin at a minimum.

If the Cisco ISE does not enforce access restrictions associated with changes to the firmware, OS, and hardware components, this is a finding.

Check Content Reference

M

Target Key

5384

Comments