Detections
Analytics
SLEM-05-432025 - SLEM 5 must restrict privilege elevation to authorized personnel.
Information
The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms the request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.Solution
Remove the following entries from the "/etc/sudoers" file:ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SLEM_5_V1R4_STIG.zip
Item Details
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-261375r996562_rule, STIG-ID|SLEM-05-432025, Vuln-ID|V-261375
Plugin: Unix
Control ID: 2f49a3d239d22adf1b5ac51be98163e2a61fe91c9558c82e077aefc6c007f1cd