This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Security Fix(es) :
- A flaw was found where authconfig could configure sssd
in a way that treats existing and non-existing logins
differently, leaking information on existence of a user.
An attacker with physical or network access to the
machine could enumerate users via a timing attack.
See also :
Update the affected authconfig, authconfig-debuginfo and / or
Risk factor :
Medium / CVSS Base Score : 4.0