[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-95218-4

Platform: cpe:/o:apple:mac_os_11, cpe:/o:apple:mac_os_x:10.15Date: (C)2020-12-08   (M)2023-07-04



"Disable guest account login The Guest account, a special managed account, is considered a security vulnerability in most situations because it has no password associated with it. Once an attacker has gained guest-level access, the attacker can try to elevate privileges to further exploit a system. We recommend that the Guest account be disabled on all macOS systems unless there is a clearly demonstrated need to use a Guest account. The Guest account is not allowed to log in to a computer by default. However, guest users can access shared folders remotely by default. This setting is called "Allow guest users to connect to shared folders" and should be disabled. Both of these settings are available under System Preferences / Users and Groups / Guest Userand are disabled by default. Note that when a guest logs out of a macOS system, the guest's environment is destroyed and reinitialized. "


Parameter:

[Hide/Display]


Technical Mechanism:

Fix:defaults write /Library/Preferences/com.apple.loginwindow GuestEnabled -bool FALSE

CCSS Severity:CCSS Metrics:
CCSS Score : 7.3Attack Vector: NETWORK
Exploit Score: 3.9Attack Complexity: LOW
Impact Score: 3.4Privileges Required: NONE
Severity: HIGHUser Interaction: NONE
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LScope: UNCHANGED
 Confidentiality: LOW
 Integrity: LOW
 Availability: LOW
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:71651
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:67459


OVAL    2
oval:org.secpod.oval:def:67459
oval:org.secpod.oval:def:71651
XCCDF    4
xccdf_org.secpod_benchmark_general_Mac_OS_11
xccdf_org.secpod_benchmark_general_Mac_OS_X_10_15
xccdf_org.secpod_benchmark_SecPod_Mac_OS_11
xccdf_org.secpod_benchmark_SecPod_Mac_OS_X_10_15
...

© SecPod Technologies