Vulnerability V-215807

Note: This requirement is not applicable to file transfer actions such as FTP, SCP, and SFTP. Review the router configuration to determine if concurrent management sessions are limited as shown in the example below: ip http secure-server ip http max-connections 2 … … … For platforms that support the session-limit command: line vty 0 4 session-limit 2 transport input ssh For those platforms that do not support the session-limit command, the sessions can also be limited by reducing the number of active vty lines as shown in the example below. line vty 0 1 transport input ssh line vty 2 4 transport input none If the router is not configured to limit the number of concurrent management sessions, this is a finding.

Configure the router to limit the number of concurrent management sessions to an organization-defined number as shown in the example below. R4(config)#ip http max-connections 2 R4(config)#line vty 0 1 R4(config-line)#transport input ssh R4(config-line)#exit R4(config)#line vty 2 4 R4(config-line)# transport input none R4(config-line)#end To configure session limiting, use the example below. R4(config)#line vty 0 4 R4(config-line)#session-limit 2 R4(config-line)#transport input ssh