Unauthorized accounts must not be configured for access to the network device.

From Perimeter L3 Switch Security Technical Implementation Guide - Cisco

Part of Unauthorized accounts are configured to access device.

SV-3058r5_rule Unauthorized accounts must not be configured for access to the network device.

Vulnerability discussion

A malicious user attempting to gain access to the network device may compromise an account that may be unauthorized for use. The unauthorized account may be a temporary or inactive account that is no longer needed to access the device. Denial of Service, interception of sensitive information, or other destructive actions could potentially take place if an unauthorized account is configured to access the network device.

Check content

Review the organization's responsibilities list and reconcile the list of authorized accounts with those accounts defined for access to the network device. If an unauthorized account is configured for access to the device, this is a finding.

Fix text

Remove any account configured for access to the network device that is not defined in the organization's responsibilities list.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer