CCE-91926-6| Platform: cpe:/o:ubuntu:ubuntu_linux:16.04 | Date: (C)2018-07-09 (M)2023-07-04 |
The Network File System (NFS) is one of the first and most widely distributed file systems in the UNIX environment. It provides the ability for systems to mount file systems of other servers through the network.
Rationale:
If the server does not export NFS shares or act as an NFS client, it is recommended that these services be disabled to reduce remote attack surface.
Parameter:
[yes/no]
Technical Mechanism:
Run the following commands to disable nfs and rpcbind :
# systemctl disable nfs-kernel-server
# systemctl disable rpcbind
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 7.5 | Attack Vector: NETWORK |
| Exploit Score: 3.9 | Attack Complexity: LOW |
| Impact Score: 3.6 | Privileges Required: NONE |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: NONE |
| | Availability: NONE |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:46187 |
