SLES-12-010111 - The SUSE operating system must restrict privilege elevation to authorized personnel.

Information

The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the 'sudoers' file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.

Solution

Remove the following entries from the sudoers file:
ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SLES_12_V2R13_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-237603r646772_rule, STIG-ID|SLES-12-010111, Vuln-ID|V-237603

Plugin: Unix

Control ID: f9999f038f23aca5f881cd69e812fbbc928299c42bab6138a7909444e72568ab