[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-96042-7

Platform: cpe:/o:suse:suse_linux_enterprise_server:15Date: (C)2022-09-27   (M)2023-07-04



SUSE operating system management includes the ability to control the number of users and user sessions that utilize a SUSE operating system. Limiting the number of allowed users and sessions per user is helpful in reducing the risks related to Denial-of-Service (DoS) attacks. This requirement addresses concurrent sessions for information system accounts and does not address concurrent sessions by single users via multiple system accounts. The maximum number of concurrent sessions should be defined based on mission needs and the operational environment for each system.


Parameter:

[10]


Technical Mechanism:

Fix:Configure the SUSE operating system to limit the number of concurrent sessions to "10" or less for all accounts and/or account types. Add the following line to the file "/etc/security/limits.conf": * hard maxlogins 10

CCSS Severity:CCSS Metrics:
CCSS Score : 4.3Attack Vector: NETWORK
Exploit Score: 2.8Attack Complexity: LOW
Impact Score: 1.4Privileges Required: LOW
Severity: MEDIUMUser Interaction: NONE
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LScope: UNCHANGED
 Confidentiality: NONE
 Integrity: NONE
 Availability: LOW
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:84464


OVAL    1
oval:org.secpod.oval:def:84464
XCCDF    1
xccdf_org.secpod_benchmark_general_SLES_15

© SecPod Technologies