The web server must require users to be individually authenticated before granting access to the shared accounts or resources.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-264342 | SRG-APP-000815-WSR-000160 | SV-264342r984371_rule | CCI-004045 | medium |
| Description | ||||
| Individual authentication prior to shared group authentication mitigates the risk of using group accounts or authenticators. | ||||
| STIG | Date | |||
| Web Server Security Requirements Guide | 2025-02-12 | |||
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
IA-2(5)
1.00
- DISA · 4 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-004045
1.00
- DISA · 4 · disa_xccdf · related
Details
Check Text (C-264342r984371_chk)
Verify the web server is configured to require users to be individually authenticated before granting access to the shared accounts or resources.
If the web server is not configured to require users to be individually authenticated before granting access to the shared accounts or resources, this is a finding.
Fix Text (F-68163r984370_fix)
Configure the web server to require users to be individually authenticated before granting access to the shared accounts or resources.