CCE-96077-3| Platform: cpe:/o:suse:suse_linux_enterprise_server:15 | Date: (C)2022-09-27 (M)2023-07-04 |
Failure to restrict system access to authenticated users negatively impacts SUSE operating system security.
Parameter:
[yes/no]
Technical Mechanism:
Fix:Note: If a graphical user interface is not installed, this requirement is Not Applicable.
Configure the SUSE operating system GUI to not allow unattended or automatic logon to the system.
Add or edit the following lines in the "/etc/sysconfig/displaymanager"
configuration file:
DISPLAYMANAGER_AUTOLOGIN=""
DISPLAYMANAGER_PASSWORD_LESS_LOGIN="no"
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 8.8 | Attack Vector: LOCAL |
| Exploit Score: 2.0 | Attack Complexity: LOW |
| Impact Score: 6.0 | Privileges Required: LOW |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | Scope: CHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:84501 |
