| Vulnerability ID |
Severity |
Description |
|
V-260469
|
High
|
Ubuntu 22.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence
|
|
V-260650
|
High
|
Ubuntu 22.04 LTS must implement NIST FIPS-validated cryptography to protect classified informatio...
|
|
V-205624
|
Medium
|
Windows Server 2019 must automatically remove or disable temporary user accounts after 72 hours
|
|
V-260469
|
High
|
Ubuntu 22.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence
|
|
V-260470
|
High
|
Ubuntu 22.04 LTS, when booted, must require authentication upon booting into single-user and main...
|
|
V-260471
|
Medium
|
Ubuntu 22.04 LTS must initiate session audits at system startup
|
|
V-260472
|
Low
|
Ubuntu 22.04 LTS must restrict access to the kernel message buffer
|
|
V-260473
|
Medium
|
Ubuntu 22.04 LTS must disable kernel core dumps so that it can fail to a secure state if system i...
|
|
V-260474
|
Medium
|
Ubuntu 22.04 LTS must implement address space layout randomization to protect its memory from una...
|
|
V-260475
|
Medium
|
Ubuntu 22.04 LTS must implement nonexecutable data to protect its memory from unauthorized code e...
|
|
V-260476
|
Low
|
Ubuntu 22.04 LTS must be configured so that the Advance Package Tool (APT) prevents the installat...
|
|
V-260477
|
Medium
|
Ubuntu 22.04 LTS must be configured so that the Advance Package Tool (APT) removes all software c...
|
|
V-260478
|
Medium
|
Ubuntu 22.04 LTS must have the "libpam-pwquality" package installed
|
|
V-260479
|
Low
|
Ubuntu 22.04 LTS must have the "chrony" package installed
|
|
V-260480
|
Low
|
Ubuntu 22.04 LTS must not have the "systemd-timesyncd" package installed
|
|
V-260481
|
Low
|
Ubuntu 22.04 LTS must not have the "ntp" package installed
|
|
V-260482
|
High
|
Ubuntu 22.04 LTS must not have the "rsh-server" package installed
|
|
V-260483
|
High
|
Ubuntu 22.04 LTS must not have the "telnet" package installed
|
|
V-260484
|
Medium
|
Ubuntu 22.04 LTS must implement cryptographic mechanisms to prevent unauthorized disclosure and m...
|
|
V-260485
|
Medium
|
Ubuntu 22.04 LTS must have directories that contain system commands set to a mode of "755" or les...
|
|
V-260486
|
Medium
|
Ubuntu 22.04 LTS must have system commands set to a mode of "755" or less permissive
|
|
V-260487
|
Medium
|
Ubuntu 22.04 LTS library files must have mode "755" or less permissive
|
|
V-260488
|
Medium
|
Ubuntu 22.04 LTS must configure the "/var/log" directory to have mode "755" or less permissive
|
|
V-260489
|
Medium
|
Ubuntu 22.04 LTS must generate error messages that provide information necessary for corrective a...
|
|
V-260490
|
Medium
|
Ubuntu 22.04 LTS must generate system journal entries without revealing information that could be...
|
|
V-260491
|
Medium
|
Ubuntu 22.04 LTS must configure "/var/log/syslog" file with mode "640" or less permissive
|
|
V-260492
|
Medium
|
Ubuntu 22.04 LTS must configure audit tools with a mode of "755" or less permissive
|
|
V-260493
|
Medium
|
Ubuntu 22.04 LTS must have directories that contain system commands owned by "root"
|
|
V-260494
|
Medium
|
Ubuntu 22.04 LTS must have directories that contain system commands group-owned by "root"
|
|
V-260495
|
Medium
|
Ubuntu 22.04 LTS must have system commands owned by "root" or a system account
|
|
V-260496
|
Medium
|
Ubuntu 22.04 LTS must have system commands group-owned by "root" or a system account
|
|
V-260497
|
Medium
|
Ubuntu 22.04 LTS library directories must be owned by "root"
|
|
V-260498
|
Medium
|
Ubuntu 22.04 LTS library directories must be group-owned by "root"
|
|
V-260499
|
Medium
|
Ubuntu 22.04 LTS library files must be owned by "root"
|
|
V-260500
|
Medium
|
Ubuntu 22.04 LTS library files must be group-owned by "root"
|
|
V-260501
|
Medium
|
Ubuntu 22.04 LTS must configure the directories used by the system journal to be owned by "root"
|
|
V-260502
|
Medium
|
Ubuntu 22.04 LTS must configure the directories used by the system journal to be group-owned by "...
|
|
V-260503
|
Medium
|
Ubuntu 22.04 LTS must configure the files used by the system journal to be owned by "root"
|
|
V-260504
|
Medium
|
Ubuntu 22.04 LTS must configure the files used by the system journal to be group-owned by "system...
|
|
V-260505
|
Medium
|
Ubuntu 22.04 LTS must be configured so that the "journalctl" command is owned by "root"
|
|
V-260506
|
Medium
|
Ubuntu 22.04 LTS must be configured so that the "journalctl" command is group-owned by "root"
|
|
V-260507
|
Medium
|
Ubuntu 22.04 LTS must configure audit tools to be owned by "root"
|
|
V-260508
|
Medium
|
Ubuntu 22.04 LTS must configure the "/var/log" directory to be owned by "root"
|
|
V-260509
|
Medium
|
Ubuntu 22.04 LTS must configure the "/var/log" directory to be group-owned by "syslog"
|
|
V-260510
|
Medium
|
Ubuntu 22.04 LTS must configure "/var/log/syslog" file to be owned by "syslog"
|
|
V-260511
|
Medium
|
Ubuntu 22.04 LTS must configure the "/var/log/syslog" file to be group-owned by "adm"
|
|
V-260512
|
Medium
|
Ubuntu 22.04 LTS must be configured so that the "journalctl" command is not accessible by unautho...
|
|
V-260513
|
Medium
|
Ubuntu 22.04 LTS must set a sticky bit on all public directories to prevent unauthorized and unin...
|
|
V-260514
|
Medium
|
Ubuntu 22.04 LTS must have an application firewall installed in order to control remote access me...
|
|
V-260515
|
Medium
|
Ubuntu 22.04 LTS must enable and run the Uncomplicated Firewall (ufw)
|
|
V-260516
|
Medium
|
Ubuntu 22.04 LTS must have an application firewall enabled
|
|
V-260517
|
Medium
|
Ubuntu 22.04 LTS must configure the Uncomplicated Firewall (ufw) to rate-limit impacted network i...
|
|
V-260518
|
Medium
|
Ubuntu 22.04 LTS must be configured to prohibit or restrict the use of functions, ports, protocol...
|
|
V-260519
|
Low
|
Ubuntu 22.04 LTS must, for networked systems, compare internal information system clocks at least...
|
|
V-260520
|
Low
|
Ubuntu 22.04 LTS must synchronize internal information system clocks to the authoritative time so...
|
|
V-260521
|
Low
|
Ubuntu 22.04 LTS must record time stamps for audit records that can be mapped to Coordinated Univ...
|
|
V-260522
|
Medium
|
Ubuntu 22.04 LTS must be configured to use TCP syncookies
|
|
V-260523
|
High
|
Ubuntu 22.04 LTS must have SSH installed
|
|
V-260524
|
High
|
Ubuntu 22.04 LTS must use SSH to protect the confidentiality and integrity of transmitted informa...
|
|
V-260533
|
Medium
|
Ubuntu 22.04 LTS SSH server must be configured to use only FIPS-validated key exchange algorithms
|
|
V-260534
|
Medium
|
Ubuntu 22.04 LTS must use strong authenticators in establishing nonlocal maintenance and diagnost...
|
|
V-260537
|
Medium
|
Ubuntu 22.04 LTS must retain a user's session lock until that user reestablishes access using est...
|
|
V-260538
|
Medium
|
Ubuntu 22.04 LTS must initiate a graphical session lock after 15 minutes of inactivity
|
|
V-260539
|
High
|
Ubuntu 22.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence if a graphical user interface ...
|
|
V-260540
|
Medium
|
Ubuntu 22.04 LTS must disable automatic mounting of Universal Serial Bus (USB) mass storage driver
|
|
V-260541
|
Medium
|
Ubuntu 22.04 LTS must disable all wireless network adapters
|
|
V-260542
|
Medium
|
Ubuntu 22.04 LTS must prevent direct login into the root account
|
|
V-260543
|
Medium
|
Ubuntu 22.04 LTS must uniquely identify interactive users
|
|
V-260545
|
Medium
|
Ubuntu 22.04 LTS must enforce 24 hours/one day as the minimum password lifetime. Passwords for ne...
|
|
V-260546
|
Medium
|
Ubuntu 22.04 LTS must enforce a 60-day maximum password lifetime restriction. Passwords for new u...
|
|
V-260547
|
Medium
|
Ubuntu 22.04 LTS must disable account identifiers (individuals, groups, roles, and devices) after...
|
|
V-260535
|
Medium
|
Ubuntu 22.04 LTS must enable the graphical user logon banner to display the Standard Mandatory DO...
|
|
V-260548
|
Medium
|
Ubuntu 22.04 LTS must automatically expire temporary accounts within 72 hours
|
|
V-260549
|
Low
|
Ubuntu 22.04 LTS must automatically lock an account until the locked account is released by an ad...
|
|
V-260550
|
Low
|
Ubuntu 22.04 LTS must enforce a delay of at least four seconds between logon prompts following a ...
|
|
V-260552
|
Low
|
Ubuntu 22.04 LTS must limit the number of concurrent sessions to ten for all accounts and/or acco...
|
|
V-260553
|
Medium
|
Ubuntu 22.04 LTS must allow users to directly initiate a session lock for all connection types
|
|
V-260554
|
Medium
|
Ubuntu 22.04 LTS must automatically exit interactive command shell user sessions after 15 minutes...
|
|
V-260535
|
Medium
|
Ubuntu 22.04 LTS must enable the graphical user logon banner to display the Standard Mandatory DO...
|
|
V-260536
|
Medium
|
Ubuntu 22.04 LTS must display the Standard Mandatory DOD Notice and Consent Banner before grantin...
|
|
V-260555
|
Medium
|
Ubuntu 22.04 LTS default filesystem permissions must be defined in such a way that all authentica...
|
|
V-260556
|
Medium
|
Ubuntu 22.04 LTS must have the "apparmor" package installed
|
|
V-260557
|
Medium
|
Ubuntu 22.04 LTS must be configured to use AppArmor
|
|
V-260558
|
Medium
|
Ubuntu 22.04 LTS must require users to reauthenticate for privilege escalation or when changing r...
|
|
V-260559
|
High
|
Ubuntu 22.04 LTS must ensure only users who need access to security functions are part of sudo group
|
|
V-260560
|
Medium
|
Ubuntu 22.04 LTS must enforce password complexity by requiring at least one uppercase character b...
|
|
V-260561
|
Medium
|
Ubuntu 22.04 LTS must enforce password complexity by requiring at least one lowercase character b...
|
|
V-260562
|
Medium
|
Ubuntu 22.04 LTS must enforce password complexity by requiring that at least one numeric characte...
|
|
V-260563
|
Medium
|
Ubuntu 22.04 LTS must enforce password complexity by requiring that at least one special characte...
|
|
V-260564
|
Medium
|
Ubuntu 22.04 LTS must prevent the use of dictionary words for passwords
|
|
V-260565
|
Medium
|
Ubuntu 22.04 LTS must enforce a minimum 15-character password length
|
|
V-260566
|
Medium
|
Ubuntu 22.04 LTS must require the change of at least eight characters when passwords are changed
|
|
V-260567
|
Medium
|
Ubuntu 22.04 LTS must be configured so that when passwords are changed or new passwords are estab...
|
|
V-260569
|
Medium
|
Ubuntu 22.04 LTS must store only encrypted representations of passwords
|
|
V-260570
|
High
|
Ubuntu 22.04 LTS must not allow accounts configured with blank or null passwords
|
|
V-260571
|
High
|
Ubuntu 22.04 LTS must not have accounts configured with blank or null passwords
|
|
V-260572
|
Medium
|
Ubuntu 22.04 LTS must encrypt all stored passwords with a FIPS 140-3-approved cryptographic hashi...
|
|
V-260573
|
Medium
|
Ubuntu 22.04 LTS must implement multifactor authentication for remote access to privileged accoun...
|
|
V-260574
|
Medium
|
Ubuntu 22.04 LTS must accept personal identity verification (PIV) credentials
|
|
V-260575
|
Medium
|
Ubuntu 22.04 LTS must implement smart card logins for multifactor authentication for local and ne...
|
|
V-260576
|
Medium
|
Ubuntu 22.04 LTS must electronically verify personal identity verification (PIV) credentials
|
|
V-260577
|
Medium
|
Ubuntu 22.04 LTS, for PKI-based authentication, must validate certificates by constructing a cert...
|
|
V-260578
|
Medium
|
Ubuntu 22.04 LTS for PKI-based authentication, must implement a local cache of revocation data in...
|
|
V-260579
|
High
|
Ubuntu 22.04 LTS must map the authenticated identity to the user or group account for PKI-based a...
|
|
V-260580
|
Medium
|
Ubuntu 22.04 LTS must use DOD PKI-established certificate authorities for verification of the est...
|
|
V-260581
|
Low
|
Ubuntu 22.04 LTS must be configured such that Pluggable Authentication Module (PAM) prohibits the...
|
|
V-260582
|
Medium
|
Ubuntu 22.04 LTS must use a file integrity tool to verify correct operation of all security funct...
|
|
V-260583
|
Medium
|
Ubuntu 22.04 LTS must configure AIDE to perform file integrity checking on the file system
|
|
V-260584
|
Medium
|
Ubuntu 22.04 LTS must notify designated personnel if baseline configurations are changed in an un...
|
|
V-260585
|
Medium
|
Ubuntu 22.04 LTS must be configured so that the script that runs each 30 days or less to check fi...
|
|
V-260586
|
Medium
|
Ubuntu 22.04 LTS must use cryptographic mechanisms to protect the integrity of audit tools
|
|
V-260587
|
Low
|
Ubuntu 22.04 LTS must have a crontab script running weekly to offload audit events of standalone ...
|
|
V-260588
|
Medium
|
Ubuntu 22.04 LTS must be configured to preserve log records from failure events
|
|
V-260589
|
Medium
|
Ubuntu 22.04 LTS must monitor remote access methods
|
|
V-260590
|
Medium
|
Ubuntu 22.04 LTS must have the "auditd" package installed
|
|
V-260591
|
Medium
|
Ubuntu 22.04 LTS must produce audit records and reports containing information to establish when,...
|
|
V-260592
|
Low
|
Ubuntu 22.04 LTS audit event multiplexor must be configured to offload audit logs onto a differen...
|
|
V-260593
|
Low
|
Ubuntu 22.04 LTS must alert the information system security officer (ISSO) and system administrat...
|
|
V-260594
|
Medium
|
Ubuntu 22.04 LTS must shut down by default upon audit failure
|
|
V-260595
|
Low
|
Ubuntu 22.04 LTS must allocate audit record storage capacity to store at least one weeks' worth o...
|
|
V-260596
|
Low
|
Ubuntu 22.04 LTS must immediately notify the system administrator (SA) and information system sec...
|
|
V-260597
|
Medium
|
Ubuntu 22.04 LTS must be configured so that audit log files are not read- or write-accessible by ...
|