[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-85401-8

Platform: cpe:/o:apple:mac_os_11Date: (C)2022-12-28   (M)2023-07-04



The macOS _MUST_ be configured to disable accounts after 35 days of inactivity. This rule prevents malicious users from making use of unused accounts to gain access to the system while avoiding detection. Fix: sudo pwpolicy setglobalpolicy 'maxMinutesOfNonUse=50400' Note: 35 Days = 50400 minutes Patching the CCE led to unexpected outcome and hence its not being automated. If you consider patching it manually please check the machine functionality post reboot.


Parameter:

[Number_of_Days_in_Mins]


Technical Mechanism:

To set the password policy, run the following command: sudo pwpolicy setglobalpolicy 'maxMinutesOfNonUse=50400'

CCSS Severity:CCSS Metrics:
CCSS Score : 8.1Attack Vector: NETWORK
Exploit Score: 2.2Attack Complexity: HIGH
Impact Score: 5.9Privileges Required: NONE
Severity: HIGHUser Interaction: NONE
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:80357


OVAL    1
oval:org.secpod.oval:def:80357
XCCDF    1
xccdf_org.secpod_benchmark_general_Mac_OS_11

© SecPod Technologies