RHEL 10 must have the "nss-tools" package installed.

STIG ID: RHEL-10-200510  |  SRG: SRG-OS-000095-GPOS-00049 |  Severity: medium (CAT II)  |  CCI: CCI-000381 |  Vulnerability Id: V-280953

Vulnerability Discussion

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Install the "nss-tools" package to install command-line tools to manipulate the NSS certificate and key database.

Check

Verify RHEL 10 has the "nss-tools" package installed with the following command:

$ sudo dnf list --installed nss-tools
Installed Packages
nss-tools.x86_64 3.112.0-4.el10_0 @rhel-10-for-x86_64-appstream-rpms

If the "nss-tools" package is not installed, this is a finding.

Fix

Configure RHEL 10 to have the "nss-tools" package installed with the following command:

$ sudo dnf -y install nss-tools
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.