CCE-92577-6Platform: cpe:/o:oracle:linux:7 | Date: (C)2019-11-07 (M)2023-07-04 |
The 'cronie-anacron' package, which provides 'anacron'
functionality, is installed by default.
The 'cronie-anacron' package can be removed with the following command:
'$ sudo yum erase cronie-anacron'
Parameter:
[no/yes]
Technical Mechanism:
The 'anacron' service provides 'cron' functionality for systems
such as laptops and workstations that may be shut down during the normal times
that 'cron' jobs are scheduled to run. On systems which do not require this
additional functionality, 'anacron' could needlessly increase the possible
attack surface for an intruder.
CCSS Severity: | CCSS Metrics: |
CCSS Score : 7.8 | Attack Vector: LOCAL |
Exploit Score: 1.8 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:49519 |