The SUSE operating system must be a vendor-supported release.

STIG ID: SLES-12-010000  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: high |  CCI: CCI-001230 |  Vulnerability Id: V-217101

Vulnerability Discussion

A SUSE operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.

Check

Verify the SUSE operating system is a vendor-supported release.

Use the following command to verify the SUSE operating system is a vendor-supported release:

# cat /etc/os-release

NAME="SLES"

VERSION="12"

Current End of Life for SLES 12 General Support is 31 Oct 2024 and Long-term Support is until 31 Oct 2027.

If the release is not supported by the vendor, this is a finding.

Fix

Upgrade the SUSE operating system to a version supported by the vendor. If the system is not registered with the SUSE Customer Center, register the system against the correct subscription.

If the system requires Long-Term Service Pack Support (LTSS), obtain the correct LTSS subscription for the system.