RHEL 9 must restrict privilege elevation to authorized personnel.

An XCCDF Rule

Description

If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.

ID: SV-258087r1045177_rule
Version: RHEL-09-432030
Severity: Medium
References: CCI-000366
Updated: about 2 months ago

Remediation Templates

Remove the following entries from the /etc/sudoers file or configuration file under /etc/sudoers.d/:

ALL     ALL=(ALL) ALL
ALL     ALL=(ALL:ALL) ALL