The Enterprise Voice, Video, and Messaging Session Manager must be configured to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-260009 | SRG-NET-000138-VVSM-00101 | SV-260009r948988_rule | CCI-000764 | high |
| Description | ||||
| To ensure accountability and prevent unauthenticated access, organizational users must be uniquely identified and authenticated to prevent potential misuse and compromise of the system. Sharing of accounts prevents accountability and nonrepudiation. Organizational users must be uniquely identified and authenticated for all accesses. | ||||
| STIG | Date | |||
| Enterprise Voice, Video, and Messaging Session Management Security Requirements Guide | 2025-12-30 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
IA-2
1.00
- DISA · V1R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.5.1
1.00
- DISA · V1R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.5.2
1.00
- DISA · V1R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000764
1.00
- DISA · V1R2 · disa_xccdf · related
Details
Check Text (C-260009r948988_chk)
Verify the Enterprise Voice, Video, and Messaging Session Manager uniquely identifies all users.
If the Enterprise Voice, Video, and Messaging Session Manager does not uniquely identify all users, then is a finding.
Fix Text (F-63647r948987_fix)
Configure the Enterprise Voice, Video, and Messaging Session Manager to uniquely identify all users.