Nutanix AOS must protect against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by nonrepudiation.

Overview

Finding ID: V-279423
Version: NXAC-AS-000013
Rule ID: SV-279423r1191055_rule
IA Controls: CCI-000166
Severity: medium

Description
Nonrepudiation of actions taken is required to maintain application integrity. Examples of actions include creating information, sending a message, approving information (e.g., indicating concurrence or signing a contract), and receiving a message. Nonrepudiation protects individuals against later claims by an author of not having authored a particular document, a sender of not having transmitted a message, a receiver of not having received a message, or a signatory of not having signed a document. Typical application server actions requiring nonrepudiation will be related to application deployment among developers/users and administrative actions taken by admin personnel.

STIG: Nutanix Acropolis Application Server Security Technical Implementation Guide
Date: 2026-02-24

Details

Check Text (C-279423r1191055_chk)

Confirm the Nutanix VM application server Prism Element WebUI requires client authentication.

1. Log in to Prism Element.
2. Click the gear icon in the upper-right corner.
3. Navigate to the "Authentication" section.
4. Click the "Client" tab.
5. Verify "Client Authentication" is enabled.

If Client Authentication (CAC Auth) is not enabled, this is a finding.

Fix Text (F-83881r1191054_fix)

Configure the Nutanix VM application server Prism Element WebUI to require client authentication.

1. Log in to Prism Element.
2. Click the gear in the upper-right corner and navigate to "Authentication".
3. Click the "Client" tab.
4. Select the "Configure Client Chain Certificate" check box.
5. Click the "Choose File" button, browse to and select a client chain certificate to upload, and then click the "Open" button to upload the certificate.
6. Click "Enable Client Authentication".