Skip to content

Forescout must prohibit installation of software without explicit privileged permission by only authorized individuals.

An XCCDF Rule

Description

<VulnDiscussion>Allowing anyone to install software, without explicit privileges, creates the risk that untested or potentially malicious software will be installed on the system. This requirement applies to code changes and upgrades for all network devices.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-230946r615886_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Remove accounts that are not authorized. Do not remove the account of last resort. 

Compare users with the current SSP and ensure only the users that should have the privilege to update software have the Software Upgrade privilege selected.

1. From the menu, select Tools >> Options >> User Console and Options.
2. Select (highlight) the user profile to be reviewed (group or user) and then select Edit >> Permissions.