STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Nutanix AOS 5.20.x Application Security Technical Implementation Guide

V-254101

CAT II (Medium)

Nutanix AOS must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Rule ID

SV-254101r961353_rule

STIG

Nutanix AOS 5.20.x Application Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-002235

Discussion

Preventing nonprivileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges. Restricting nonprivileged users also prevents an attacker, who has gained access to a nonprivileged account, from elevating privileges, creating accounts, and performing system checks and maintenance.

Check Content

Display a list of configured users and their roles on the Prism UI:

1. Log in to Prism Element.
2. Click on the gear icon in the upper right.
3. Navigate to "Local User Management".

Validate that only authorized accounts have been assigned the "Cluster Admin" role by comparing the above list against the approved user list provided by the ISSM.

If there are any users assigned the "Cluster Admin" role that have not been authorized by the ISSM, this is a finding.

Fix Text

Assign the privileged users identified by the ISSM to the Cluster Admin role.