RHEL 10 must restrict privilege elevation to authorized personnel.

STIG ID: RHEL-10-600520  |  SRG: SRG-OS-000445-GPOS-00199 |  Severity: medium (CAT II)  |  CCI: CCI-002696 |  Vulnerability Id: V-281207

Vulnerability Discussion

If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.

Check

Verify RHEL 10 restricts privilege elevation to authorized personnel with the following command:

$ sudo grep -riw ALL /etc/sudoers /etc/sudoers.d/ | grep -v "#"

If the either of the following entries is returned, this is a finding:

ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL

Fix

Configure RHEL 10 to restrict privilege elevation to authorized personnel.

Remove the following entries from the "/etc/sudoers" file or configuration file under "/etc/sudoers.d/":

ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.