STIGQter STIGQter: STIG Summary: Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 25 Oct 2019:

Riverbed Optimization System (RiOS) must require that when a password is changed, the characters are changed in at least 15 of the positions within the password.

DISA Rule

SV-77461r1_rule

Vulnerability Number

V-62971

Group Title

SRG-APP-000170-NDM-000329

Rule Version

RICX-DM-000119

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure RiOS to require that when a password is changed, the characters are changed in at least 15 of the positions within the password.

Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy

Set the value of "Minimum Character Difference Between Passwords:" to "15"

Click "Apply"
Navigate to the top of the web page and click "Save" to save these settings permanently

Check Contents

Verify that RiOS is configured to require that when a password is changed, the characters are changed in at least 15 of the positions within the password.

Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy

Verify that "Minimum Character Difference Between Passwords:" is set to "15"

If "Minimum Character Difference Between Passwords:" is not set to "15", this is a finding.

Vulnerability Number

V-62971

Documentable

False

Rule Version

RICX-DM-000119

Severity Override Guidance

Verify that RiOS is configured to require that when a password is changed, the characters are changed in at least 15 of the positions within the password.

Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy

Verify that "Minimum Character Difference Between Passwords:" is set to "15"

If "Minimum Character Difference Between Passwords:" is not set to "15", this is a finding.

Check Content Reference

M

Target Key

2931

Comments