STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

AIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account.

DISA Rule

SV-215169r508663_rule

Vulnerability Number

V-215169

Group Title

SRG-OS-000001-GPOS-00001

Rule Version

AIX7-00-001000

Severity

CAT II

CCI(s)

CCI-000015 - The organization employs automated mechanisms to support the information system account management functions.

Weight

Fix Recommendation

Remove the "/etc/security/mkuser.sys.custom" file using the following command:

# rm /etc/security/mkuser.sys.custom

Check Contents

Check if the "/etc/security/mkuser.sys.custom" file exists:
# ls /etc/security/mkuser.sys.custom

If the above command shows the file exists, this is a finding.

Vulnerability Number

V-215169

Documentable

False

Rule Version

AIX7-00-001000

Severity Override Guidance

Check if the "/etc/security/mkuser.sys.custom" file exists:
# ls /etc/security/mkuser.sys.custom

If the above command shows the file exists, this is a finding.

Check Content Reference

Target Key

4012

AIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments