The Voice Video Endpoint must implement replay-resistant authentication mechanisms for network access.

From Voice Video Endpoint Security Requirements Guide

Associated with: CCI-001942

SV-81199r1_rule The Voice Video Endpoint must implement replay-resistant authentication mechanisms for network access.

Vulnerability discussion

A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authenticator and the application validating the user credentials must not be vulnerable to a replay attack. An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. Voice video endpoints often use passwords or PINs that can be easily exploited.This requirement only applies to components where this is specific to the function of the device or has the concept of an organizational user. This does not apply to authentication for the purpose of configuring the device itself (i.e., device management).

Check content

Verify the Voice Video Endpoint implements replay-resistant authentication mechanisms for network access. If the Voice Video Endpoint does not implement replay-resistant authentication mechanisms for network access, this is a finding.

Fix text

Configure the Voice Video Endpoint to implement replay-resistant authentication mechanisms for network access.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.