The VMM must authenticate peripherals before establishing a connection.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-207483 | SRG-OS-000378-VMM-001540 | SV-207483r958820_rule | CCI-001958 | medium |
| Description | ||||
| Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity. Peripherals include, but are not limited to, such devices as flash drives, external storage, and printers. This requirement is applicable to devices capable of authentication. | ||||
| STIG | Date | |||
| Virtual Machine Manager Security Requirements Guide | 2024-12-06 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
IA-3
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.5.1
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.5.2
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-001958
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-207483r958820_chk)
Verify the VMM authenticates peripherals before establishing a connection.
If it does not, this is a finding.
Fix Text (F-7740r365854_fix)
Configure the VMM to authenticate peripherals before establishing a connection.