AAA Services must be configured to require users to be individually authenticated before granting access to the shared accounts or resources.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-263531 | SRG-APP-000815-AAA-000140 | SV-263531r982389_rule | CCI-004045 | medium |
| Description | ||||
| Individual authentication prior to shared group authentication mitigates the risk of using group accounts or authenticators. | ||||
| STIG | Date | |||
| AAA Services Security Requirements Guide | 2024-12-04 | |||
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
IA-2(5)
1.00
- DISA · V2R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-004045
1.00
- DISA · V2R2 · disa_xccdf · related
Details
Check Text (C-263531r982389_chk)
Verify AAA Services is configured to require users to be individually authenticated before granting access to the shared accounts or resources.
If AAA Services is not configured to require users to be individually authenticated before granting access to the shared accounts or resources, this is a finding.
Fix Text (F-67339r981603_fix)
Configure AAA Services to require users to be individually authenticated before granting access to the shared accounts or resources.