STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to F5 BIG-IP TMOS NDM Security Technical Implementation Guide

V-266065

CAT II (Medium)

The F5 BIG-IP appliance must terminate shared/group account credentials when members leave the group.

Rule ID

SV-266065r1024596_rule

STIG

F5 BIG-IP TMOS NDM Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-002142

Discussion

A shared/group account credential is a shared form of authentication that allows multiple individuals to access the network device using a single account. If shared/group account credentials are not terminated when individuals leave the group, the user that left the group can still gain access even though they are no longer authorized. There may also be instances when specific user actions need to be performed on the network device without unique administrator identification or authentication. Examples of credentials include passwords and group membership certificates.

Check Content

From the BIG-IP GUI:
1. System.
2. Users.
3. User List.

From the BIG-IP console, type the following command:

tmsh list auth user

If there are any shared accounts that must not be active, this is a finding.

Fix Text

From the BIG-IP GUI:
1. System.
2. Users.
3. User List.
4. Check the box next to any shared/group accounts that must not be active.
5. Click "Delete".
6. Click "Delete" again on the next page.

From the BIG-IP console, type the following command:

tmsh delete auth user <username>
tmsh save sys config