STIGQter: STIG Summary: HP FlexFabric Switch NDM Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jul 2020:

If the HP FlexFabric Switch uses role-based access control, the HP FlexFabric Switch must enforce organization-defined role-based access control policies over defined subjects and objects.

DISA Rule

SV-80723r1_rule

Vulnerability Number

V-66233

Group Title

SRG-APP-000329-NDM-000287

Rule Version

HFFS-ND-000089

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-002169 - The information system enforces a role-based access control policy over defined subjects and objects.

Weight

10

Fix Recommendation

Configure the HP FlexFabric Switch to enforce organization-defined discretionary access control policies over defined subjects and objects.
Below is an example of a test user being assigned pre-defined user-role network-operator:

[HP] local-user test
[HP-luser-test] authorization-attribute user-role network-operator

Check Contents

Check the HP FlexFabric Switch to determine if organization-defined discretionary access control policies are enforced over defined subjects and objects.

[HP] display local-user

local-user test
authorization-attribute user-role network-operator

If organization-defined discretionary access control policies are not enforced over defined subjects and objects, this is a finding.

Vulnerability Number

V-66233

Documentable

False

Rule Version

HFFS-ND-000089

Severity Override Guidance

Check the HP FlexFabric Switch to determine if organization-defined discretionary access control policies are enforced over defined subjects and objects.

[HP] display local-user

local-user test
authorization-attribute user-role network-operator

If organization-defined discretionary access control policies are not enforced over defined subjects and objects, this is a finding.

Check Content Reference

M

Target Key

2971

Comments