PANW-NM-000142 - The Palo Alto Networks security platform must not use Password Profiles.

Information

Password profiles override settings made in the Minimum Password Complexity window. If Password Profiles are used they can bypass password complexity requirements.

Solution

Go to Device >> Password Profiles
If the screen is blank (no configured Password Profiles), do nothing.

If there are configured Password Profiles, identify which accounts are using them and bring this to the attention of the ISSO immediately.
Delete the Password Profiles when authorized to make changes to the device in accordance with local change management policies.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_PAN_Y24M10_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-228675r961863_rule, STIG-ID|PANW-NM-000142, STIG-Legacy|SV-77269, STIG-Legacy|V-62779, Vuln-ID|V-228675

Plugin: Palo_Alto

Control ID: b7fb03c6153b5a9fc358f4b9bbc22cc0b4ead2caf5d1b6cfef06b9d96d40cf2d