When allowed by the central authentication system, the default role assigned to a user must be User-Base.

An XCCDF Rule

Description

<VulnDiscussion>Rancher MCM uses roles for authentication. It is necessary to ensure the proper roles and permissions are configured. The role used by default does not ensure least privilege. The default role needs to be changed to allow least privilege access.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-252845r879527_rule
Severity: Medium
References: CCI-001404
Updated: about 1 year ago

From the GUI, navigate to Triple Bar Symbol(Global) >> Users & Authentication >> Roles.
-Click "Standard User".
-At the top right, click the three dots, and then "Edit Config".
-Under "New User Default", select "No" and click "Save".
-Click "User-Base".
-At the top right, click the three dots, and then click "Edit Config".-Under "New User Default", select "Yes", and then click "Save".

When allowed by the central authentication system, the default role assigned to a user must be User-Base.

Description

Remediation - Manual Procedure