V-215820
CAT IIThe Cisco router must be configured to protect audit information from unauthorized modification.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 0
Check Text
Review the Cisco router configuration to verify that it is compliant with this requirement.
Step 1: If persistent logging is enabled as shown in the example below, go to step 2. Otherwise, this requirement is not applicable.
logging persistent url disk0:/logfile size 134217728 filesize 16384
Step 2: Verify that the router is not configured with a privilege level other than "15" to allow access to the file system as shown in the example below.
file privilege 10
Note: The default privilege level required for access to the file system is "15"; hence, the command file privilege "15" will not be shown in the configuration.
If the router is configured with a privilege level other than "15" to allow access to the file system, this is a finding.
Fix Text
If persistent logging is enabled, configure the router to only allow administrators with privilege level "15" access to the file system as shown in the example below.
R4(config)#file privilege 15
STIG Reference
- STIG
- Cisco IOS XE Router NDM Security Technical Implementation Guide
- Version
- 3
- Release
- 7
- Rule ID
- SV-215820r960933_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONTPOINTGTWYRTR/Checklist/MONTPOINTGTWYRTR_CiscoXERtrNDM_V3R5_20251023-150045.ckl | Unassigned | 2026-01-14T12:57:25.013310 | View in Context |