STIGQter STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must reveal error messages only to authorized users.

DISA Rule

SV-99267r1_rule

Vulnerability Number

V-88617

Group Title

SRG-OS-000206-GPOS-00084

Rule Version

VROM-SL-000835

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Change the group-owner of the "/etc/rsyslog.conf" file to "root":

# chgrp root /etc/syslog-ng/syslog-ng.conf

Check Contents

Check the permissions of the syslog configuration file(s):

# ls -lL /etc/syslog-ng/syslog-ng.conf

If the file is not group owned by "root", this is a finding.

Vulnerability Number

V-88617

Documentable

False

Rule Version

VROM-SL-000835

Severity Override Guidance

Check the permissions of the syslog configuration file(s):

# ls -lL /etc/syslog-ng/syslog-ng.conf

If the file is not group owned by "root", this is a finding.

Check Content Reference

M

Target Key

3461

Comments