The SUSE operating system must be a vendor-supported release.

STIG ID: SLES-15-010000  |  SRG: SRG-OS-000480-GPOS-00227 | Severity: high |  CCI: CCI-001230

Vulnerability Discussion

A SUSE operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.

Check

Verify the SUSE operating system is a vendor-supported release.

Use the following command to verify the SUSE operating system is a vendor-supported release:

> cat /etc/os-release

NAME="SLES"
VERSION="15"

Or any SUSE Linux Enterprise 15 Service Pack follow up release.

NAME="SLES"
VERSION="15-SPx"

Current End of Life for SLES 15 General Support is 31 Jul 2028 and Long-term Support is until 31 Jul 2031.

If the release is not supported by the vendor, this is a finding.

Fix

Upgrade the SUSE operating system to a version supported by the vendor. If the system is not registered with the SUSE Customer Center, register the system against the correct subscription.

If the system requires Long-Term Service Pack Support (LTSS), obtain the correct LTSS subscription for the system.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.