STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to HP FlexFabric Switch NDM Security Technical Implementation Guide

V-217458

CAT II (Medium)

Network devices must provide a logoff capability for administrator-initiated communication sessions.

Rule ID

SV-217458r961224_rule

STIG

HP FlexFabric Switch NDM Security Technical Implementation Guide

Version

V1R4

CCIs

CCI-002363

Discussion

If an administrator cannot explicitly end a device management session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session.

Check Content

Review the HP FlexFabric Switch configuration to determine if it provides a logoff capability for administrator-initiated communication sessions.

[HP] display users

  Idx  Line     Idle       Time              Pid     Type
+ 177  VTY 0    00:00:00   May 29 15:45:11   1011    SSH

Following are more details.
VTY 0   :
        User name: admin@system
        Location: 16.117.204.17
 +    : Current operation user.
 F    : Current operation user works in async mode.

If the HP FlexFabric Switch does not provide a logoff capability for these sessions, this is a finding.

Fix Text

Configure the HP FlexFabric Switch to provide a logoff capability for administrator-initiated communication sessions.

[HP] Ctrl + z
<HP> quit