The Solidcore client Command Line Interface (CLI) must be in lockdown mode.

An XCCDF Rule

Description

<VulnDiscussion>By default, when an endpoint's Solidcore installation is managed by the ePO server, the CLI will automatically be in lockdown mode. This will ensure the endpoint receives all of its Solidcore configuration settings from the ePO server. The CLI can, however, be activated for troubleshooting efforts during which time the ePO settings will not be enforced. Leaving the CLI in an allowed status will prevent the endpoint from receiving changes from the ePO server for the Solidcore client.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-213327r879756_rule
Severity: High
References: CCI-001762
Updated: 8 months ago

From the ePO server console System Tree, select the "Systems" tab.

Select "This Group and All Subgroups".
Select the asset.
Select "Actions".
Select "Agent".Click "Actions".
Select "New Client Task Assignment" to open the Client Task Assignment Builder page.

Select the "Solidcore 8.x product", "SC: Change Local CLI Access" task type, then click "Create New Task" to open the Client Task Catalog page.

Change "CLI status" to "Restrict".

Click "Save".

The Solidcore client Command Line Interface (CLI) must be in lockdown mode.

Description

Remediation - Manual Procedure