Vulnerability Discussion
The NIS service provides an unencrypted authentication service, which does not provide for the confidentiality and integrity of user passwords or the remote session.
Removing the "ypserv" package decreases the risk of the accidental (or intentional) activation of NIS or NIS+ services.
Check
Verify that the ypserv package is not installed with the following command:
$ sudo dnf list --installed ypserv
Error: No matching Packages to list
If the "ypserv" package is installed, this is a finding.
Fix
Remove the ypserv package with the following command:
$ sudo dnf remove ypserv