The Juniper SRX Services Gateway must terminate the console session when the serial cable connected to the console port is unplugged.

From Juniper SRX SG NDM Security Technical Implementation Guide

Part of SRG-APP-000186-NDM-000266

Associated with: CCI-000879

SV-81091r1_rule The Juniper SRX Services Gateway must terminate the console session when the serial cable connected to the console port is unplugged.

Vulnerability discussion

If a device management session or connection remains open after management is completed, it may be hijacked by an attacker and used to compromise or damage the network device.

Check content

Verify this setting by entering the following commands in configuration mode. [edit] show system ports console If the log-out-on-disconnect is not set for the console port, this is a finding.

Fix text

Configure this setting by entering the following commands in configuration mode. [edit] system ports console set log-out-on-disconnect

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer