STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

SLES for vRealize must enforce 24 hours/1 day as the minimum password lifetime.

DISA Rule

SV-100227r1_rule

Vulnerability Number

V-89577

Group Title

SRG-OS-000075-GPOS-00043

Rule Version

VRAU-SL-000380

Severity

CAT II

CCI(s)

• CCI-000198 - The information system enforces minimum password lifetime restrictions.

Weight

10

Fix Recommendation

To configure the SLES for vRealize to enforce 24 hours/1 day as the minimum password age, edit the file "/etc/login.defs" with the following command:

# sed -i "/^[^#]*PASS_MIN_DAYS/ c\PASS_MIN_DAYS 1" /etc/login.defs

Check Contents

To check that the SLES for vRealize enforces 24 hours/1 day as the minimum password age, run the following command:

# grep PASS_MIN_DAYS /etc/login.defs | grep -v '#'

The DoD requirement is "1".

If "PASS_MIN_DAYS" is not set to the required value, this is a finding.

Vulnerability Number

V-89577

Documentable

False

Rule Version

VRAU-SL-000380

Severity Override Guidance

To check that the SLES for vRealize enforces 24 hours/1 day as the minimum password age, run the following command:

# grep PASS_MIN_DAYS /etc/login.defs | grep -v '#'

The DoD requirement is "1".

If "PASS_MIN_DAYS" is not set to the required value, this is a finding.

Check Content Reference

M

Target Key

3459

Comments