Redis Enterprise DBMS must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
An XCCDF Rule
Description
<VulnDiscussion>Redis Enterprise allows the user to configure unique users per role. Review roles and ensure roles use unique organizational principles per user to the database. Redis does come with a default user for backwards compatibility. This user may be disabled.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-251222r879589_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
To fix this issue perform the following actions:
To audit this configuration:
1. Log in to Redis Enterprise Administrative Control Plane.
2. Go to databases tab.
3. Select each database and review the configuration by selecting edit.