1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctly

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Provides a secure method, SSL, to protect username and password to be sent in clear text

Rationale:

If HTTP authentication is used without the command aaa authentication secure-http-client, the username and password are sent from the client to the security appliance in clear text.

Solution

Configure the secure aaa authentication for http

hostname(CONFIG)#AAA AUTHENTICATION SECURE-HTTP-CLIENT

See Also

https://benchmarks.cisecurity.org/tools2/cisco/CIS_Cisco_Firewall_Benchmark_v4.0.0.pdf

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-13

Plugin: Cisco

Control ID: 337af5695f3b37a7fdc02627c76949f7e721e11a72159921a03204379c30c3ca