CCE-94238-3| Platform: cpe:/o:oracle:linux:8, cpe:/o:redhat:enterprise_linux:8, cpe:/o:redhat:enterprise_linux:9 | Date: (C)2019-11-07 (M)2023-07-04 |
The 'rsyslog' daemon should not accept remote messages
unless the system acts as a log server.
To ensure that it is not listening on the network, ensure the following lines are
Parameter:
[no/yes]
Technical Mechanism:
Any process which receives messages from the network incurs some risk
of receiving malicious messages. This risk can be eliminated for
rsyslog by configuring it not to listen on the network.
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 9.1 | Attack Vector: NETWORK |
| Exploit Score: 3.9 | Attack Complexity: LOW |
| Impact Score: 5.2 | Privileges Required: NONE |
| Severity: CRITICAL | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: NONE |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:84015 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:55680 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:72140 |
