UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The designer will ensure the application provides a capability to terminate a session and log out.


Overview

Finding ID Version Rule ID IA Controls Severity
V-6155 APP3420 SV-6155r1_rule DCSQ-1 Medium
Description
If a user cannot log out of the application, subsequent users of a shared system could continue to use the previous user's session to the application.
STIG Date
Application Security and Development Checklist 2014-04-03

Details

Check Text ( C-3034r1_chk )
Log on to the application and then attempt to log out. If this option is not available, ask the application representative to explain how this function is performed.

1) If the ability to log out is absent or is hidden to the extent most users cannot reasonably expect to easily find it, it is a finding.
Fix Text (F-17075r1_fix)
Implement a capability to terminate a session and logout.