Skip to content

ISEC7 EMM Suite must disable or delete local account created during application installation and configuration.

An XCCDF Rule

Description

<VulnDiscussion>The ISEC7 local account password complexity controls do not meet DoD requirements; therefore, admins have the capability to configure the account out of compliance, which could allow attacker to gain unauthorized access to the server and access to command MDM servers.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-106373r1_rule
Severity
High
References
Updated



Remediation - Manual Procedure

Log in to the ISEC7 EMM Suite console.
Navigate to Administration >> Configuration  >> Account Management >> Users.
Select Edit next to the local account Admin.
Check Login disabled for the account.
Click Save.