The Riverbed NetIM must be configured to require immediate selection of a new password upon account recovery for password-based authentication.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-275466 | RIIM-DM-000020 | SV-275466r1147448_rule | CCI-004063 | low |
| Description | ||||
| Specify a temporary password to improve security. A temporary password can be enabled only if Account Control is enabled. If a temporary password is set, then the password set by Admin/Sys Admin for the new user shall expire on the first log in of the new user. A password expired page will appear for new users after the first login. | ||||
| STIG | Date | |||
| Riverbed NetIM NDM Security Technical Implementation Guide | 2025-09-29 | |||
Details
Check Text (C-275466r1147448_chk)
Verify Password Rules is configured to expire temporary passwords.
1. From the GUI, navigate to Configuration >> Configure >> All Settings >> Administer.
2. On the User Management screen, select "Password Rules".
3. View the Maximum age of temporary password in hours.
If the Maximum age of temporary password in hours is not set, this is a finding.
Fix Text (F-79473r1147447_fix)
Configure Password Rules to expire temporary passwords.
1. From the GUI, navigate to Configuration >> Configure >> All Settings >> Administer.
2. On the User Management screen, select "Password Rules".
3. Check "Maximum age of temporary password in hours".
4. Enter an organization-defined number in the option box and click "Submit".
Local users must not be created; however, setting these requirements is a best practice.