The network device must enforce access restrictions associated with changes to the system components.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-202131 | SRG-APP-000516-NDM-000335 | SV-202131r961863_rule | CCI-000345 | medium |
| Description | ||||
| Changes to the hardware or software components of the network device can have significant effects on the overall security of the network. Therefore, only qualified and authorized individuals should be allowed administrative access to the network device for implementing any changes or upgrades. This requirement applies to updates of the application files, configuration, ACLs, and policy filters. | ||||
| STIG | Date | |||
| Network Device Management Security Requirements Guide | 2025-02-11 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-5
1.00
- DISA · V5R3 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.4.5
1.00
- DISA · V5R3 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000345
1.00
- DISA · V5R3 · disa_xccdf · related
Details
Check Text (C-202131r961863_chk)
Check the network device to determine if only authorized administrators have permissions for changes, deletions and updates on the network device. Inspect the maintenance log to verify changes are being made only by the system administrators.
If unauthorized users are allowed to change the hardware or software, this is a finding.
Fix Text (F-2258r382068_fix)
Configure the network device to enforce access restrictions associated with changes to the system components.