Include a description of the known vulnerabilities for administrative functions in the administration documentation.

Back

CONTROL ID
14302

CONTROL TYPE
Establish/Maintain Documentation

CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS

This Control directly supports the implied Control(s):

Obtain system documentation before acquiring products and services., CC ID: 01445

There are no implementation support Controls.

SELECTED AUTHORITY DOCUMENTS COMPLIED WITH

Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., StateRAMP Security Controls Baseline Summary Category 1, Version 1.1)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., StateRAMP Security Controls Baseline Summary Category 2, Version 1.1)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., StateRAMP Security Controls Baseline Summary Category 3, Version 1.1)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., StateRAMP Security Controls Baseline Summary High Sensitivity Level, Version 1.1)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3. High Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3. Moderate Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3. Low Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
Known vulnerabilities regarding configuration and use of administrative or privileged functions; (SA-5a.3., FedRAMP Security Controls High Baseline, Version 5)
Known vulnerabilities regarding configuration and use of administrative or privileged functions; (SA-5a.3., FedRAMP Security Controls Low Baseline, Version 5)
Known vulnerabilities regarding configuration and use of administrative or privileged functions; (SA-5a.3., FedRAMP Security Controls Moderate Baseline, Version 5)
Known vulnerabilities regarding configuration and use of administrative or privileged functions; (SA-5a.3., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
Known vulnerabilities regarding configuration and use of administrative or privileged functions; (SA-5a.3., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Low Impact Baseline, October 2020)
Known vulnerabilities regarding configuration and use of administrative or privileged functions; (SA-5a.3., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
Known vulnerabilities regarding configuration and use of administrative or privileged functions; (SA-5a.3., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Baseline Controls)
Known vulnerabilities regarding configuration and use of administrative or privileged functions; (SA-5a.3., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3. Low Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3. Moderate Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3. High Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Revision 4)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
Known vulnerabilities regarding configuration and use of administrative or privileged functions; (SA-5a.3., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
Known vulnerabilities regarding configuration and use of administrative or privileged functions; (SA-5a.3., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., Supply Chain Risk Management Practices for Federal Information Systems and Organizations, NIST Special Publication 800-161, April 2015)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., TX-RAMP Security Controls Baseline Level 1)
Known vulnerabilities regarding configuration and use of administrative (i.e., privileged) functions; (SA-5a.3., TX-RAMP Security Controls Baseline Level 2)