CCE-94293-8Platform: rhel8 | Date: (C)2019-11-07 (M)2022-10-10 |
Disable Certmonger Service (certmonger)
Certmonger is a D-Bus based service that attempts to simplify interaction
with certifying authorities on networks which use public-key infrastructure. It is often
combined with Red Hat's IPA (Identity Policy Audit) security information management
solution to aid in the management of certificates.
The 'certmonger' service can be disabled with the following command:
'$ sudo systemctl disable certmonger'
Parameter:
Technical Mechanism:
The services provided by certmonger may be essential for systems
fulfilling some roles a PKI infrastructure, but its functionality is not necessary
for many other use cases.
Fix:
#
# Disable certmonger.service for all systemd targets
#
systemctl disable certmonger.service
#
# Stop certmonger.service if currently running
#
systemctl stop certmonger.service
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: