CCE-92563-6Platform: oel7 | Date: (C)2019-11-07 (M)2022-10-10 |
Ensure gpgcheck Enabled For All Yum Package Repositories
To ensure signature checking is not disabled for
any repos, remove any lines from files in '/etc/yum.repos.d' of the form:
'gpgcheck=0'
Parameter:
Technical Mechanism:
Verifying the authenticity of the software prior to installation
validates the integrity of the patch or upgrade received from
a vendor. This ensures the software has not been tampered with and
that it has been provided by a trusted vendor. Self-signed
certificates are disallowed by this requirement. Certificates
used to verify the software must be from an approved Certificate
Authority (CA).
Fix:
No Remediation Info
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:49505 |