Skip to content
Catalogs
XCCDF
Trend Micro TippingPoint NDM Security Technical Implementation Guide
SRG-APP-000317-NDM-000282
The password for the local account of last resort and the device password (if configured) must be changed when members who had access to the password leave the role and are no longer authorized access.
The password for the local account of last resort and the device password (if configured) must be changed when members who had access to the password leave the role and are no longer authorized access. An XCCDF Rule
The password for the local account of last resort and the device password (if configured) must be changed when members who had access to the password leave the role and are no longer authorized access.
Medium Severity
<VulnDiscussion>If shared/group account credentials are not terminated when individuals leave the group, the user that left the group can still gain access even though they are no longer authorized. There may also be instances when specific user actions need to be performed on the network device without unique administrator identification or authentication.
A shared/group account credential is a shared form of authentication that allows multiple individuals to access the network device using a single account.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>