DISA_STIG_SLES_12_v2r9.audit from DISA SLES 12 v2r9 STIG

SLES-12-010000 - The SUSE operating system must be a vendor-supported release.

CAT|I

CCI|CCI-001230

Rule-ID|SV-217101r603262_rule

STIG-ID|SLES-12-010000

STIG-Legacy|SV-91741

STIG-Legacy|V-77045

Vuln-ID|V-217101

SLES-12-010010 - Vendor-packaged SUSE operating system security patches and updates must be installed and up to date.

CAT|II

CCI|CCI-001227

Rule-ID|SV-217102r603262_rule

STIG-ID|SLES-12-010010

STIG-Legacy|SV-91743

STIG-Legacy|V-77047

Vuln-ID|V-217102

SLES-12-010020 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface - filename

CCI|CCI-000048

CCI|CCI-000050

Rule-ID|SV-217103r603262_rule

STIG-ID|SLES-12-010020

STIG-Legacy|SV-91745

STIG-Legacy|V-77049

Vuln-ID|V-217103

SLES-12-010020 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface - text-info

SLES-12-010020 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access to the local graphical user interface - title

SLES-12-010030 - The SUSE operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting access via local console.

Rule-ID|SV-217104r603262_rule

STIG-ID|SLES-12-010030

STIG-Legacy|SV-91747

STIG-Legacy|V-77051

Vuln-ID|V-217104

SLES-12-010040 - The SUSE operating system must display a banner before granting local or remote access to the system via a graphical user logon - banner-message-enable

CCI|CCI-001384

CCI|CCI-001385

CCI|CCI-001386

CCI|CCI-001387

CCI|CCI-001388

Rule-ID|SV-217105r646678_rule

STIG-ID|SLES-12-010040

STIG-Legacy|SV-91749

STIG-Legacy|V-77053

Vuln-ID|V-217105

SLES-12-010040 - The SUSE operating system must display a banner before granting local or remote access to the system via a graphical user logon - file-db

SLES-12-010040 - The SUSE operating system must display a banner before granting local or remote access to the system via a graphical user logon - system-db

SLES-12-010040 - The SUSE operating system must display a banner before granting local or remote access to the system via a graphical user logon - user-db

SLES-12-010050 - The SUSE operating system must display the approved Standard Mandatory DoD Notice before granting local or remote access to the system via a graphical user logon.

Rule-ID|SV-217106r646681_rule

STIG-ID|SLES-12-010050

STIG-Legacy|SV-91751

STIG-Legacy|V-77055

Vuln-ID|V-217106

SLES-12-010060 - The SUSE operating system must be able to lock the graphical user interface (GUI).

CCI|CCI-000056

CCI|CCI-000058

CCI|CCI-000060

Rule-ID|SV-217107r603262_rule

STIG-ID|SLES-12-010060

STIG-Legacy|SV-91753

STIG-Legacy|V-77057

Vuln-ID|V-217107

SLES-12-010070 - The SUSE operating system must utilize vlock to allow for session locking.

CAT|III

Rule-ID|SV-217108r603262_rule

STIG-ID|SLES-12-010070

STIG-Legacy|SV-91755

STIG-Legacy|V-77059

Vuln-ID|V-217108

SLES-12-010080 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity for the graphical user interface - GUI.

CCI|CCI-000057

Rule-ID|SV-217109r646684_rule

STIG-ID|SLES-12-010080

STIG-Legacy|SV-91757

STIG-Legacy|V-77061

Vuln-ID|V-217109

SLES-12-010090 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity - export

Rule-ID|SV-217110r603262_rule

STIG-ID|SLES-12-010090

STIG-Legacy|SV-91759

STIG-Legacy|V-77063

Vuln-ID|V-217110

SLES-12-010090 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity - readonly

SLES-12-010090 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity - TMOUT

SLES-12-010100 - The SUSE operating system must conceal, via the session lock, information previously visible on the display with a publicly viewable image in the graphical user interface - GUI.

Rule-ID|SV-217111r603262_rule

STIG-ID|SLES-12-010100

STIG-Legacy|SV-91761

STIG-Legacy|V-77065

Vuln-ID|V-217111

SLES-12-010109 - The SUSE operating system must specify the default 'include' directory for the /etc/sudoers file - /etc/sudoers

CCI|CCI-000366

Rule-ID|SV-251719r832989_rule

STIG-ID|SLES-12-010109

Vuln-ID|V-251719

SLES-12-010109 - The SUSE operating system must specify the default 'include' directory for the /etc/sudoers file - /etc/sudoers.d/*

SLES-12-010110 - The SUSE operating system must reauthenticate users when changing authenticators, roles, or escalating privileges - !authenticate

CCI|CCI-002038

Rule-ID|SV-217112r854084_rule

STIG-ID|SLES-12-010110

STIG-Legacy|SV-91763

STIG-Legacy|V-77067

Vuln-ID|V-217112

SLES-12-010110 - The SUSE operating system must reauthenticate users when changing authenticators, roles, or escalating privileges - NOPASSWD

SLES-12-010111 - The SUSE operating system must restrict privilege elevation to authorized personnel - /etc/sudoers

Rule-ID|SV-237603r646772_rule

STIG-ID|SLES-12-010111

Vuln-ID|V-237603

SLES-12-010111 - The SUSE operating system must restrict privilege elevation to authorized personnel - /etc/sudoers.d/*

SLES-12-010112 - The SUSE operating system must use the invoking user's password for privilege escalation when using 'sudo' - rootpw

CCI|CCI-002227

Rule-ID|SV-237604r861101_rule

STIG-ID|SLES-12-010112

Vuln-ID|V-237604

SLES-12-010112 - The SUSE operating system must use the invoking user's password for privilege escalation when using 'sudo' - runaspw

SLES-12-010112 - The SUSE operating system must use the invoking user's password for privilege escalation when using 'sudo' - targetpw

SLES-12-010113 - The SUSE operating system must require re-authentication when using the 'sudo' command - sudo command.

Rule-ID|SV-237605r861104_rule

STIG-ID|SLES-12-010113

Vuln-ID|V-237605

SLES-12-010114 - The SUSE operating system must not be configured to bypass password requirements for privilege escalation.

Rule-ID|SV-251720r854176_rule

STIG-ID|SLES-12-010114

Vuln-ID|V-251720

SLES-12-010120 - The SUSE operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types.

CCI|CCI-000054

Rule-ID|SV-217113r877399_rule

STIG-ID|SLES-12-010120

STIG-Legacy|SV-91765

STIG-Legacy|V-77069

Vuln-ID|V-217113

SLES-12-010130 - The SUSE operating system must lock an account after three consecutive invalid access attempts - common-account

CCI|CCI-000044

Rule-ID|SV-217114r603262_rule

STIG-ID|SLES-12-010130

STIG-Legacy|SV-91767

STIG-Legacy|V-77071

Vuln-ID|V-217114

SLES-12-010130 - The SUSE operating system must lock an account after three consecutive invalid access attempts - common-auth

SLES-12-010140 - The SUSE operating system must enforce a delay of at least four (4) seconds between logon prompts following a failed logon attempt.

Rule-ID|SV-217116r603262_rule

STIG-ID|SLES-12-010140

STIG-Legacy|SV-91769

STIG-Legacy|V-77073

Vuln-ID|V-217116

SLES-12-010150 - The SUSE operating system must enforce passwords that contain at least one upper-case character.

CCI|CCI-000192

Rule-ID|SV-217117r603262_rule

STIG-ID|SLES-12-010150

STIG-Legacy|SV-91771

STIG-Legacy|V-77075

Vuln-ID|V-217117

SLES-12-010160 - The SUSE operating system must enforce passwords that contain at least one lower-case character.

CCI|CCI-000193

Rule-ID|SV-217118r603262_rule

STIG-ID|SLES-12-010160

STIG-Legacy|SV-91773

STIG-Legacy|V-77077

Vuln-ID|V-217118

SLES-12-010170 - The SUSE operating system must enforce passwords that contain at least one numeric character.

CCI|CCI-000194

Rule-ID|SV-217119r603262_rule

STIG-ID|SLES-12-010170

STIG-Legacy|SV-91775

STIG-Legacy|V-77079

Vuln-ID|V-217119

SLES-12-010180 - The SUSE operating system must enforce passwords that contain at least one special character.

CCI|CCI-001619

Rule-ID|SV-217120r603262_rule

STIG-ID|SLES-12-010180

STIG-Legacy|SV-91777

STIG-Legacy|V-77081

Vuln-ID|V-217120

SLES-12-010190 - The SUSE operating system must require the change of at least eight (8) of the total number of characters when passwords are changed.

CCI|CCI-000195

Rule-ID|SV-217121r603262_rule

STIG-ID|SLES-12-010190

STIG-Legacy|SV-91783

STIG-Legacy|V-77087

Vuln-ID|V-217121

SLES-12-010210 - The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).

CCI|CCI-000803

Rule-ID|SV-217122r646689_rule

STIG-ID|SLES-12-010210

STIG-Legacy|SV-91789

STIG-Legacy|V-77093

Vuln-ID|V-217122

SLES-12-010220 - The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords.

CCI|CCI-000196

Rule-ID|SV-217123r877397_rule

STIG-ID|SLES-12-010220

STIG-Legacy|SV-91795

STIG-Legacy|V-77099

Vuln-ID|V-217123

SLES-12-010221 - The SUSE operating system must not have accounts configured with blank or null passwords.

Rule-ID|SV-251721r809453_rule

STIG-ID|SLES-12-010221

Vuln-ID|V-251721

SLES-12-010230 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords - nullok

Detections

Analytics

Revision 1.2

Apr 12, 2023

Functional Update

Miscellaneous