Detections
Analytics
AZLX-23-001020 - Amazon Linux 2023 must require users to provide a password for privilege escalation.
Information
Without reauthentication, users may access resources or perform tasks for which they do not have authorization.Solution
Configure Amazon Linux 2023 to not allow users to execute privileged actions without authenticating with a password.Remove any occurrence of "NOPASSWD" found in "/etc/sudoers" file or files in the "/etc/sudoers.d" directory.
$ sudo sed -i '/NOPASSWD/ s/^/# /g' /etc/sudoers /etc/sudoers.d/*
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Amazon_Linux_2023_V1R2_STIG.zip
Item Details
Audit Name: DISA Amazon Linux 2023 STIG v1r2
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-274016r1120036_rule, STIG-ID|AZLX-23-001020, Vuln-ID|V-274016
Plugin: Unix
Control ID: ac2520f1afc59833bf676e450f6e5834074a67016ee7cf0d94e5b51e8933510b