Skip to content
Log In

CCI-002227

Restrict privileged accounts on the system to organization-defined personnel or roles.

Ensure invoking users password for privilege escalation when using sudo

4 rules found Severity: Medium

Logo

The BlackBerry UEM server must be configured to have at least one user in the following Administrator roles: Server primary administrator, security configuration administrator, device user group administrator, or auditor.

1 rule found Severity: Medium

Logo

The MaaS360 MDM server must be configured to have at least one user in the following Administrator roles: Server primary administrator, security configuration administrator, device user group administrator, auditor.

1 rule found Severity: Medium

Logo

The MobileIron Core v10 server must be configured to have at least one user in the following Administrator roles: Server primary administrator, security configuration administrator, device user group administrator, auditor.

1 rule found Severity: Medium

Logo

The Samsung SDS EMM must be configured to have at least one user in the following Administrator roles: Server primary administrator, security configuration administrator, device user group administrator, auditor.

1 rule found Severity: Medium

Logo

The Workspace ONE UEM server must be configured to have at least one user in the following Administrator roles: Server primary administrator, security configuration administrator, device user group administrator, or auditor.

1 rule found Severity: Medium

Logo

The Red Hat Enterprise Linux operating system must use the invoking user's password for privilege escalation when using "sudo".

1 rule found Severity: Medium

Logo

Sign-on to the ESCD Application Console must be restricted to only authorized personnel.

1 rule found Severity: Medium

Logo

The Distributed Console Access Facility (DCAF) Console must be restricted to only authorized personnel.

1 rule found Severity: Medium

Logo

Access to the Hardware Management Console must be restricted to only authorized personnel.

1 rule found Severity: Medium

Logo

Automatic Call Answering to the Hardware Management Console must be disabled.

1 rule found Severity: Medium

Logo

The Jamf Pro EMM server must be configured to have at least one user in the following Administrator roles: Server primary administrator, security configuration administrator, device user group administrator, auditor.

1 rule found Severity: Medium

Logo

Administrative accounts of all high-value IT resources must be assigned to a specific administrative tier in Active Directory to separate highly privileged administrative accounts from less privileged administrative accounts.

1 rule found Severity: Medium

Logo

The Oracle Linux operating system must use the invoking user's password for privilege escalation when using "sudo".

1 rule found Severity: Medium

Logo

RHEL 8 must use the invoking user's password for privilege escalation when using "sudo".

1 rule found Severity: Medium

Logo

The SUSE operating system must use the invoking user's password for privilege escalation when using "sudo".

1 rule found Severity: Medium

Logo