STIGQter: STIG Summary: Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 25 Oct 2019:

Riverbed Optimization System (RiOS) must enforce password complexity by requiring that at least one lower-case character be used.

DISA Rule

SV-77455r1_rule

Vulnerability Number

V-62965

Group Title

SRG-APP-000167-NDM-000255

Rule Version

RICX-DM-000116

Severity

CAT II

CCI(s)

• CCI-000193 - The information system enforces password complexity by the minimum number of lower case characters used.

Weight

10

Fix Recommendation

Configure RiOS to enforce a password complexity that requires at least one lower-case character.

Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy

Set the value of "Minimum Lowercase Characters:" to "1"

Click "Apply"
Navigate to the top of the web page and click "Save" to save these settings permanently

Check Contents

Verify that RiOS is configured to enforce password complexity that requires at least one lower-case character.

Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy

Verify that "Minimum Lowercase Characters:" is set to "1"

If "Minimum Lowercase Characters:" is not set to "1", this is a finding.

Vulnerability Number

V-62965

Documentable

False

Rule Version

RICX-DM-000116

Severity Override Guidance

Verify that RiOS is configured to enforce password complexity that requires at least one lower-case character.

Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy

Verify that "Minimum Lowercase Characters:" is set to "1"

If "Minimum Lowercase Characters:" is not set to "1", this is a finding.

Check Content Reference

M

Target Key

2931

Comments