[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90932-5

Platform: rhel7,centos7Date: (C)2017-06-29   (M)2022-10-10



Ensure gpgcheck Enabled For All Yum Package Repositories To ensure signature checking is not disabled for any repos, remove any lines from files in '/etc/yum.repos.d' of the form: 'gpgcheck=0'


Parameter:


Technical Mechanism:

Verifying the authenticity of the software prior to installation validates the integrity of the patch or upgrade received from a vendor. This ensures the software has not been tampered with and that it has been provided by a trusted vendor. Self-signed certificates are disallowed by this requirement. Certificates used to verify the software must be from an approved Certificate Authority (CA). Fix: No Remediation Info

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31311
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:30588
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31311
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:30588


OVAL    2
oval:org.secpod.oval:def:31311
oval:org.secpod.oval:def:30588

© SecPod Technologies