The WLAN inactive/idle session timeout must be set for 30 minutes or less.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-243233 | WLAN-NW-000300 | SV-243233r817090_rule | CCI-000057 | medium |
| Description | ||||
| A WLAN session that never terminates due to inactivity may allow an opening for an adversary to highjack the session to obtain access to the network. | ||||
| STIG | Date | |||
| Network WLAN Controller Platform Security Technical Implementation Guide | 2023-02-13 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
AC-11
1.00
- DISA · V7R3 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.1.10
1.00
- DISA · V7R3 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000057
1.00
- DISA · V7R3 · disa_xccdf · related
Details
Check Text (C-243233r817090_chk)
1. Review the relevant configuration screen of the WLAN controller or access point.
2. Verify the inactive/idle session timeout setting is set for 30 minutes or less.
If the inactive/idle session timeout is not set to 30 minutes or less for the entire WLAN, or the WLAN does not have the capability to enable the session timeout feature, this is a finding.
Fix Text (F-46465r817089_fix)
Set the WLAN inactive/idle session timeout to 30 minutes or less.