Nutanix AOS must protect audit information from unauthorized access.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-254183 | NUTX-OS-000930 | SV-254183r846637_rule | Medium |
| Description |
|---|
| Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confidentiality. Audit information includes all information (e.g., audit records, audit settings, audit reports) needed to successfully audit operating system activity. Satisfies: SRG-OS-000057-GPOS-00027, SRG-OS-000058-GPOS-00028, SRG-OS-000059-GPOS-00029 |
| STIG | Date |
|---|---|
| Nutanix AOS 5.20.x OS Security Technical Implementation Guide | 2022-08-24 |
Details
| Check Text ( C-57668r846635_chk ) |
|---|
| Verify Nutanix AOS audit log permissions are "0600" or less permissive. $ sudo stat -c "%a %n" /home/log/audit/audit.log 600 /home/log/audit/audit.log If the audit.log file(s) are more permissive than "0600", this is a finding. |
| Fix Text (F-57619r846636_fix) |
|---|
| Run the salt stack call to set the audit log file permissions to "600". $ sudo salt-call state.sls security/CVM/auditCVM |