CCE-95773-8| Platform: cpe:/o:ubuntu:ubuntu_linux:20.04 | Date: (C)2024-02-12 (M)2024-02-12 |
It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vector.
Fixtext:
Configure the Ubuntu operating system to implement multifactor authentication by installing the required packages.
Install the "libpam-pkcs11" package on the system with the following command:
$ sudo apt install libpam-pkcs11
Parameter:
[Yes/No]
Technical Mechanism:
Configure the Ubuntu operating system to implement multifactor authentication by installing the required packages.
Install the "libpam-pkcs11" package on the system with the following command:
$ sudo apt install libpam-pkcs11
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 7.8 | Attack Vector: LOCAL |
| Exploit Score: 1.8 | Attack Complexity: LOW |
| Impact Score: 5.9 | Privileges Required: LOW |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:97829 |
