SLEM 5 must reauthenticate users when changing authenticators, roles, or escalating privileges.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-261373 | SLEM-05-432015 | SV-261373r1050789_rule | CCI-002038 | medium |
| Description | ||||
| Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When SLEM 5 provides the capability to change user authenticators, change security roles, or escalate a functional capability, it is critical the user reauthenticate. | ||||
| STIG | Date | |||
| SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide | 2025-05-08 | |||
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
IA-11
1.00
- DISA · 1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-002038
1.00
- DISA · 1 · disa_xccdf · related
Details
Check Text (C-261373r1050789_chk)
Verify that SLEM 5 requires reauthentication when changing authenticators, roles, or escalating privileges with the following command:
> sudo egrep -i '(nopasswd|!authenticate)' /etc/sudoers
If any uncommented lines containing "!authenticate", or "NOPASSWD" are returned and active accounts on the system have valid passwords, this is a finding.
Fix Text (F-65010r995985_fix)
Configure SLEM 5 to remove any occurrence of "NOPASSWD" or "!authenticate" found in the "/etc/sudoers" file. If the system does not use passwords for authentication, the "NOPASSWD" tag may exist in the file.