Validate Session Affinity

CCC.LB.CN05 · Networking

Configure session persistence to minimise fixation and hijacking risks.

Related Capabilities

| ID | Title | Description |
| --- | --- | --- |
| CCC.LB.CP15 | Session Affinity | Can configure subsequent requests from an initial client to be passed to the same target. |

Related Threats

| ID | Title | Description |
| --- | --- | --- |
| CCC.LB.TH04 | Session Persistence Is Exploited | Improper session-affinity settings can enable session fixation or hijacking across backend targets. |

Assessment Requirements

| ID | Text | Applicability |
| --- | --- | --- |
| CCC.LB.CN05.AR01 | When stickiness is enabled, session cookies MUST expire within 30 minutes of inactivity. | tlp-green, tlp-amber, tlp-red |

Guideline Mappings

| Framework | ID | Remarks |
| --- | --- | --- |
| NIST-CSF | PR.AC-7 | Least functionality is enforced |
| NIST_800_53 | SC-23 | Session authenticity |