Skip to content
ATO Pathways
  Log In

CCI-002041

The information system allows the use of a temporary password for system logons with an immediate change to a permanent password.

Logo
3

Rule

Severity: Medium
Policy Requires Immediate Change of Temporary Passwords
Logo
1

Rule

Severity: Medium
AAA Services must be configured to allow the use of a temporary password at initial logon with an immediate change to a permanent password.
Logo
1

Rule

Severity: Medium
Compliance Guardian must provide automated mechanisms for supporting account management functions.
Logo
1

Rule

Severity: Medium
The Arista network device must be configured with only one local account to be used as the account of last resort in the event the authentication server is unavailable.
Logo
1

Rule

Severity: Medium
The application must allow the use of a temporary password for system logons with an immediate change to a permanent password.
Logo
1

Rule

Severity: Medium
The CA API Gateway must not have any default manufacturer passwords when deployed.
Logo
1

Rule

Severity: Medium
For locally created accounts in the application, the Central Log Server must be configured to allow the use of a temporary password for system logons with an immediate change to a permanent password.
Logo
1

Rule

Severity: Medium
LDAP integration in Docker Enterprise must be configured.
Logo
1

Rule

Severity: Medium
The FortiGate device must not have any default manufacturer passwords when deployed.
Logo
1

Rule

Severity: Medium
The HP FlexFabric Switch must allow the use of a temporary password for system logons with an immediate change to a permanent password.
Logo
1

Rule

Severity: Medium
The HYCU VM console must not have any default manufacturer passwords when deployed.
Logo
1

Rule

Severity: Medium
IBM Aspera Faspex must allow the use of a temporary password for logins with an immediate change to a permanent password.
Logo
1

Rule

Severity: Medium
The Mainframe Product must allow the use of a temporary password for system logons with an immediate change to a permanent password.
Logo
1

Rule

Severity: Medium
The Microsoft SCOM server must use an active directory group that contains authorized members of the SCOM Administrators Role Group.
Logo
1

Rule

Severity: Medium
The default Builtin\Administrators group must be removed from the SCOM Administrators Role Group.
Logo
5

Rule

Severity: Medium
The network device must not have any default manufacturer passwords when deployed.
Logo
1

Rule

Severity: Medium
Access to Prisma Cloud Compute must be managed based on user need and least privileged  using external identity providers for authentication and grouping to role-based assignments when possible.
Logo
1

Rule

Severity: High
The Riverbed NetProfiler must change the default admin credentials so they do not use the default manufacturer passwords when deployed.
Logo
1

Rule

Severity: High
Innoslate must use multifactor authentication for network access to privileged and non-privileged accounts.
Logo
1

Rule

Severity: Medium
Symantec ProxySG must not have a default manufacturer passwords when deployed.
Logo
2

Rule

Severity: Medium
The Ubuntu operating system must allow the use of a temporary password for system logons with an immediate change to a permanent password.
Logo
1

Rule

Severity: Medium
The container platform must allow the use of a temporary password for system logons with an immediate change to a permanent password.
Logo
1

Rule

Severity: Medium
The HPE Nimble must not have any default manufacturer passwords when deployed.
Logo
1

Rule

Severity: Medium
The operating system must allow the use of a temporary password for system logons with an immediate change to a permanent password.
Logo
1

Rule

Severity: Medium
AIX must implement a way to force an identified temporary user to renew their password at next login.
Logo
2

Rule

Severity: Medium
CA-TSS ACID creation must use the EXP option.
Logo
1

Rule

Severity: Medium
The Palo Alto Networks security platform must allow the use of a temporary password for system logons with an immediate change to a permanent password.
Logo
1

Rule

Severity: High
OpenShift must use FIPS validated LDAP or OpenIDConnect.
Logo
1

Rule

Severity: Medium
The process by which the Solidcore client Command Line Interface (CLI) Access Password is made available to administrators when needed must be documented in the organizations written policy.
Logo
1

Rule

Severity: Medium
The VMM must allow the use of a temporary password for system logons with an immediate change to a permanent password.
Logo
1

Rule

Severity: Medium
The BIG-IP appliance must be configured to allow the use of a temporary password for system logons with an immediate change to a permanent password.

Patternfly

PatternFly elements

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules