STIGQter STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must uniquely identify and must authenticate non-organizational users (or processes acting on behalf of non-organizational users).

DISA Rule

SV-100357r1_rule

Vulnerability Number

V-89707

Group Title

SRG-OS-000121-GPOS-00062

Rule Version

VRAU-SL-000745

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the SLES for vRealize to uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).

UNIQUE_USER_ID is a unique numerical value that must be non-negative. USERNAME is the username of the user whose user ID is to be changed.

# usermod -u [UNIQUE_USER_ID] [USERNAME]

Check Contents

Verify the SLES for vRealize uniquely identifies and authenticates non-organizational users by running the following commands:

# awk -F: '{print $3}' /etc/passwd | sort | uniq -d

If the output is not blank, this is a finding.

Vulnerability Number

V-89707

Documentable

False

Rule Version

VRAU-SL-000745

Severity Override Guidance

Verify the SLES for vRealize uniquely identifies and authenticates non-organizational users by running the following commands:

# awk -F: '{print $3}' /etc/passwd | sort | uniq -d

If the output is not blank, this is a finding.

Check Content Reference

M

Target Key

3459

Comments