STIGQter: STIG Summary: VMware vSphere 6.7 Photon OS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Mar 2021:

The Photon operating system package files must not be modified.

DISA Rule

SV-239124r675180_rule

Vulnerability Number

V-239124

Group Title

SRG-OS-000278-GPOS-00108

Rule Version

PHTN-67-000053

Severity

CAT II

CCI(s)

• CCI-001496 - The information system implements cryptographic mechanisms to protect the integrity of audit tools.

Weight

10

Fix Recommendation

If the audit system binaries have been altered, the system must be taken offline and the ISSM must be notified immediately.

Reinstalling the audit tools is not supported.

The appliance should be restored from a backup or a snapshot or redeployed once the root cause is remediated.

Check Contents

Use the verification capability of rpm to check the MD5 hashes of the audit files on disk versus the expected ones from the installation package.

At the command line, execute the following command:

# rpm -V audit | grep "^..5" | grep -v "^...........c"

If there is output, this is a finding.

Vulnerability Number

V-239124

Documentable

False

Rule Version

PHTN-67-000053

Severity Override Guidance

Use the verification capability of rpm to check the MD5 hashes of the audit files on disk versus the expected ones from the installation package.

At the command line, execute the following command:

# rpm -V audit | grep "^..5" | grep -v "^...........c"

If there is output, this is a finding.

Check Content Reference

M

Target Key

5323

Comments