Dx NetOps : MFA Not Enabled: CWE-308
Article ID: 231444
Updated On:
Products
CA Performance Management - Usage and Administration
DX NetOps
Issue/Introduction
Does Dx NetOps Portal support MFA?
Found below vulnerability in CA performance management application.
MFA Not Enabled
Description:- Lack of multi factor authentication may lead to denial of service attack or sensitive
information may get disclosed if the credentials are compromised.
Environment
Release : 21.2.x, 22.2.x
Component : Single Sign On
Cause
Site security requires that all applications use Multi-factor-authentication (MFA)
Resolution
Dx NetOps Portal does not natively support MFA
We do provide the ability to use an external SAML provider, and that provider would offer MFA options.
about-single-sign-on-support-for-saml-2-0
Additional Information
A feature request has been opened internally to explore adding MFA natively to the portal.
Attachments
Feedback
Yes
No
Powered by
