The web server must require users to be individually authenticated before granting access to the shared accounts or resources.

STIG ID: SRG-APP-000815-WSR-000160  |  SRG: SRG-APP-000815 |  Severity: medium (CAT II)  |  CCI: CCI-004045 |  Vulnerability Id: V-264342

Vulnerability Discussion

Individual authentication prior to shared group authentication mitigates the risk of using group accounts or authenticators.

Check

Verify the web server is configured to require users to be individually authenticated before granting access to the shared accounts or resources.

If the web server is not configured to require users to be individually authenticated before granting access to the shared accounts or resources, this is a finding.

Fix

Configure the web server to require users to be individually authenticated before granting access to the shared accounts or resources.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.