Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
F5 BIG-IP Device Management Security Technical Implementation Guide
SRG-APP-000186-NDM-000266
SRG-APP-000186-NDM-000266
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-APP-000186-NDM-000266
1 Rule
<GroupDescription></GroupDescription>
The BIG-IP appliance must be configured to terminate all management sessions after 10 minutes of inactivity.
High Severity
<VulnDiscussion>If a device management session or connection remains open after management is completed, it may be hijacked by an attacker and used to compromise or damage the network device. Nonlocal device management and diagnostic activities are activities conducted by individuals communicating through an external network (e.g., the internet) or an internal network. If the remote node has abnormally terminated or an upstream link from the managed device is down, BIG IP F5 terminates the management session and associated connection by default, and this is not configurable.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>