OpenControls Logo

STIG Viewer

Nutanix AOS must configure role mapping.

Overview

Finding IDVersionRule IDIA ControlsSeverity
V-279421NXAC-AS-000009SV-279421r1192347_ruleCCI-000213medium
Description
Strong access controls are critical to securing the application server. Access control policies (e.g., identity-based policies, role-based policies, attribute-based policies) and access enforcement mechanisms (e.g., access control lists, access control matrices, cryptography) must be implemented to control access between users (or processes acting on behalf of users) and objects (e.g., applications, files, records, processes, application domains) in the application server. Without stringent logical access and authorization controls, an adversary may have the ability, with very little effort, to compromise the application server and associated supporting infrastructure. Satisfies: SRG-APP-000033-AS-000024, SRG-APP-000340-AS-000185
STIGDate
Nutanix Acropolis Application Server Security Technical Implementation Guide2026-02-24

Related Frameworks

4 paths across 3 frameworks
NIST 800-531 mapping
AC-3
1.00
  • DISA · V1R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.1.1
1.00
  • DISA · V1R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.1.2
1.00
  • DISA · V1R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000213
1.00
  • DISA · V1R1 · disa_xccdf · related

Details

Check Text (C-279421r1192347_chk)

Nutanix AOS supports user and group role mapping. Verify all users or groups match that of the documented mapping policies in the system security plan (SSP). 1. Log in to Prism Element. 2. Click the gear icon in the upper-right corner. 3. Navigate to "Role mapping". For each user or group listed, verify the role granted is according to access control policies. If not, this is a finding.

Fix Text (F-83879r1191048_fix)

Configure the user and group mappings to be compliant with the documented mapping policies defined by in the SSP. 1. Log in to Prism Element. 2. Click the gear icon in the upper-right corner. 3. Navigate to "Role mapping". 4. Add users and groups to role mappings per policy.