Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-240962 | VRAU-VA-000625 | SV-240962r879877_rule | Medium |
Description |
---|
Being able to work on a system through multiple views into the application allows a user to work more efficiently and more accurately. Before environments with windowing capabilities or multiple desktops, a user would log onto the application from different workstations or terminals. With today's workstations, this is no longer necessary and may signal a compromised session or user account. When concurrent logons are made from different workstations to the management interface, a log record needs to be generated. This allows the system administrator to investigate the incident and to be aware of the incident. |
STIG | Date |
---|---|
VMware vRealize Automation 7.x vAMI Security Technical Implementation Guide | 2023-09-12 |
Check Text ( C-44195r676051_chk ) |
---|
At the command prompt, execute the following command: grep -E 'auth.*unix' /etc/pam.d/vami-sfcb If no line is returned or the returned line does contain the option "debug", this is a finding. |
Fix Text (F-44154r676052_fix) |
---|
Navigate to and open /etc/pam.d/vami-sfcb. Configure the vami-sfcb file with the following value: "auth required /lib64/security/pam_unix.so debug" |