CCE-96039-3Platform: cpe:/o:suse:suse_linux_enterprise_server:15 | Date: (C)2022-09-27 (M)2023-07-04 |
Without identifying devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
Peripherals include but are not limited to such devices as flash drives, external storage, and printers.
Parameter:
[yes/no]
Technical Mechanism:
Fix:Configure the SUSE operating system to prevent USB mass storage devices from automounting when connected to the host.
Add or update the following line to the "/etc/modprobe.d/50-blacklist.conf" file:
blacklist usb-storage
CCSS Severity: | CCSS Metrics: |
CCSS Score : 5.2 | Attack Vector: PHYSICAL |
Exploit Score: 0.9 | Attack Complexity: LOW |
Impact Score: 4.2 | Privileges Required: NONE |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: NONE |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:84460 |