STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must use cryptographic mechanisms to protect the integrity of audit tools.

DISA Rule

SV-99301r1_rule

Vulnerability Number

V-88651

Group Title

SRG-OS-000278-GPOS-00108

Rule Version

VROM-SL-000930

Severity

CAT II

CCI(s)

• CCI-001496 - The information system implements cryptographic mechanisms to protect the integrity of audit tools.

Weight

10

Fix Recommendation

The RPM package management system can check the hashes of audit system package files. Run the following command to list which audit files on the system have hashes that differ from what is expected by the RPM database:

# rpm -V audit | grep '^..5'

A "c" in the second column indicates that a file is a configuration file, which may appropriately be expected to change. If the file that has changed was not expected to, refresh from distribution media or online repositories.

rpm -Uvh [affected_package]

Check Contents

The following command will list which audit files on the system have file hashes different from what is expected by the RPM database:

# rpm -V audit | grep '$1 ~ /..5/ && $2 != "c"'

If there is output, this is a finding.

Vulnerability Number

V-88651

Documentable

False

Rule Version

VROM-SL-000930

Severity Override Guidance

The following command will list which audit files on the system have file hashes different from what is expected by the RPM database:

# rpm -V audit | grep '$1 ~ /..5/ && $2 != "c"'

If there is output, this is a finding.

Check Content Reference

M

Target Key

3461

Comments