CCE-92486-0Platform: cpe:/o:oracle:linux:7 | Date: (C)2019-11-07 (M)2023-07-04 |
By default, the SSH configuration allows any user with an account
to access the system. In order to specify the users that are allowed to login
via SSH and deny all other users, add or correct the following line in the
'/etc/ssh/sshd_config' file:
'DenyUsers USER1 USER2'
Where 'USER1' and 'USER2' are valid user names.
Parameter:
[Deny_Users]
Technical Mechanism:
Specifying which accounts are allowed SSH access into the system reduces the
possibility of unauthorized access to the system.
CCSS Severity: | CCSS Metrics: |
CCSS Score : 9.8 | Attack Vector: NETWORK |
Exploit Score: 3.9 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: CRITICAL | User Interaction: NONE |
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:49428 |