CCE-95019-6Platform: cpe:/o:debian:debian_linux:11.x, cpe:/o:ubuntu:ubuntu_linux:20.04, cpe:/o:ubuntu:ubuntu_linux:22.04, cpe:/o:ubuntu:ubuntu_linux:23.04 | Date: (C)2020-10-15 (M)2023-09-01 |
The /etc/crontab file is used by cron to control its own jobs. The commands in this item make sure that root is the user and group owner of the file and that only the owner can access the file.
UID - User Identifier is a number assigned by Linux to each user on the system. This number is used to identify the user to the system and to determine which system resources the user can access. UIDs are stored in the /etc/passwd file:
Rationale:
This file contains information on what system jobs are run by cron. Write access to these files could provide unprivileged users with the ability to elevate their privileges. Read access to these files could provide users with the ability to gain insight on system jobs that run on the system and could provide them a way to gain unauthorized privileged access.
Fix:
# chown root:root /etc/crontab
# chmod og-rwx /etc/crontab
Parameter:
[root group owns, root user owns, permission 600]
Technical Mechanism:
# chown root:root /etc/crontab
# chmod og-rwx /etc/crontab
CCSS Severity: | CCSS Metrics: |
CCSS Score : 4.2 | Attack Vector: LOCAL |
Exploit Score: 0.8 | Attack Complexity: LOW |
Impact Score: 3.4 | Privileges Required: HIGH |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: LOW |
| Availability: LOW |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:92346 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:87323 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85097 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:65992 |