Access rights to the configuration file of cron/at utilities is not limited to root account.
Description
The Linux utilities cron and at are related commands. The cron utility allows you to schedule a repetitive task to take place at any regular interval desired, and the at command lets you specify a one-time action to take place at some desired time. It is recommended to limit the access rights for cron/ at configuration file (/etc/crontab) only to default root account.
Severity
important
Category
Linux - Cron or At Utilities
Resolution
Follow the below steps to resolve the misconfiguration.
Follow the below steps to resolve the misconfiguration.
Create an encrypted password with grub-mkpasswd-pbkdf2:
Run the following command to create an encrypted password
grub-mkpasswd-pbkdf2
Enter a password and copy the encrypted-password at the end of the prompt.
Add the following content with replacing your and into the /etc/grub.d/grub2_passwd configuration file:
cat <
EOF
Potential issues that may arise after applying the resolution
Altering the existing security setting may create the following impact in your network operations.
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.