Nutanix AOS must prohibit the use of cached authenticators.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-254221 | NUTX-OS-001370 | SV-254221r846751_rule | Medium |
| Description |
|---|
| If cached authentication information is out-of-date, the validity of the authentication information may be questionable. |
| STIG | Date |
|---|---|
| Nutanix AOS 5.20.x OS Security Technical Implementation Guide | 2022-08-24 |
Details
| Check Text ( C-57706r846749_chk ) |
|---|
| Confirm Nutanix AOS is not configured to allow cached credentials via the System Security Session Daemon (SSSD). $ service sssd status If the sssd service is installed or active, this is a finding. |
| Fix Text (F-57657r846750_fix) |
|---|
| If the SSSD service is installed, the Controller VM must be reinstalled. |