STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

Duplicate User IDs (UIDs) must not exist for users within the organization.

DISA Rule

SV-100341r1_rule

Vulnerability Number

V-89691

Group Title

SRG-OS-000104-GPOS-00051

Rule Version

VRAU-SL-000680

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Edit the file /etc/passwd and provide each organizational user account that has a duplicate UID with a unique UID.

Check Contents

Verify that the SLES for vRealize contains no duplicate UIDs for organizational users by running the following command:

# awk -F ":" 'list[$3]++{print $1, $3}' /etc/passwd

If output is produced, this is a finding.

Vulnerability Number

V-89691

Documentable

False

Rule Version

VRAU-SL-000680

Severity Override Guidance

Verify that the SLES for vRealize contains no duplicate UIDs for organizational users by running the following command:

# awk -F ":" 'list[$3]++{print $1, $3}' /etc/passwd

If output is produced, this is a finding.

Check Content Reference

M

Target Key

3459

Comments