diff --git a/linux_os/guide/services/base/package_abrt_removed/rule.yml b/linux_os/guide/services/base/package_abrt_removed/rule.yml
index 503f6658d..a6e8ffe8a 100644
--- a/linux_os/guide/services/base/package_abrt_removed/rule.yml
+++ b/linux_os/guide/services/base/package_abrt_removed/rule.yml
@@ -17,6 +17,9 @@ rationale: |-
vulnerabilities in software executing on the system, as well as sensitive
information from within a process's address space or registers.
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80948-3
{{{ complete_ocil_entry_package(package="abrt") }}}
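Review bot: the `severity: unknown` to `severity: medium` change at the top of this hunk is a policy decision separate from assigning the RHEL 8 CCE, and nothing in the hunk says why medium was chosen. Call it out in the commit message or split it into its own change, so that differences in scan results can be traced back to it. The new `identifiers:` block also carries only `cce@rhel8: 80948-3`, whereas the sibling service_abrtd_disabled rule lists rhel6 and rhel7 entries; confirm that no RHEL 7 CCE exists for the package-removal rule rather than it having been left out.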
diff --git a/linux_os/guide/services/base/service_abrtd_disabled/rule.yml b/linux_os/guide/services/base/service_abrtd_disabled/rule.yml
index b82f63d5b..a34c616f4 100644
--- a/linux_os/guide/services/base/service_abrtd_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_abrtd_disabled/rule.yml
@@ -17,11 +17,12 @@ rationale: |-
vulnerabilities in software executing on the system, as well as sensitive
information from within a process's address space or registers.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27247-6
cce@rhel7: 26872-2
+ cce@rhel8: 80870-9
references:
stigid@rhel6: RHEL-06-000261
diff --git a/linux_os/guide/services/base/service_kdump_disabled/rule.yml b/linux_os/guide/services/base/service_kdump_disabled/rule.yml
index 81c48ff68..367bebc90 100644
--- a/linux_os/guide/services/base/service_kdump_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_kdump_disabled/rule.yml
@@ -17,6 +17,7 @@ severity: medium
identifiers:
cce@rhel6: 26850-8
cce@rhel7: 80258-7
+ cce@rhel8: 80878-2
references:
disa: "366"
diff --git a/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml b/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml
index 7efd76810..c5b32e597 100644
--- a/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_ntpdate_disabled/rule.yml
@@ -18,11 +18,12 @@ rationale: |-
reboots. In any event, the functionality of the ntpdate service is now
available in the ntpd program and should be considered deprecated.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27256-7
cce@rhel7: 80262-9
+ cce@rhel8: 80879-0
references:
stigid@rhel6: RHEL-06-000265
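Review bot: the added `cce@rhel8: 80879-0` gives a RHEL 8 identifier to a rule whose own rationale (the context lines at the top of the hunk) describes ntpdate as deprecated in favour of ntpd. Confirm that the ntpdate service is applicable on RHEL 8 before spending a CCE on it; if it is not, the rule should be kept out of RHEL 8 content rather than given an identifier.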
diff --git a/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml b/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml
index 48956bbc2..e86953d48 100644
--- a/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_oddjobd_disabled/rule.yml
@@ -17,11 +17,12 @@ rationale: |-
tasks by privileged programs, on behalf of unprivileged ones, has traditionally
been a source of privilege escalation security issues.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27257-5
cce@rhel7: 80263-7
+ cce@rhel8: 80880-8
references:
stigid@rhel6: RHEL-06-000266
diff --git a/linux_os/guide/services/base/service_qpidd_disabled/rule.yml b/linux_os/guide/services/base/service_qpidd_disabled/rule.yml
index f88ffe3bd..5e87ca040 100644
--- a/linux_os/guide/services/base/service_qpidd_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_qpidd_disabled/rule.yml
@@ -13,11 +13,12 @@ description: |-
rationale: "The qpidd service is automatically installed when the \"base\" \npackage selection is selected during installation. The qpidd service listens \nfor network connections, which increases the attack surface of the system. If \nthe system is not intended to receive AMQP traffic, then the qpidd \nservice is not needed and should be disabled or removed."
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26928-2
cce@rhel7: 80266-0
+ cce@rhel8: 80882-4
references:
stigid@rhel6: RHEL-06-000267
diff --git a/linux_os/guide/services/base/service_rdisc_disabled/rule.yml b/linux_os/guide/services/base/service_rdisc_disabled/rule.yml
index 7874ff43a..ed7523e80 100644
--- a/linux_os/guide/services/base/service_rdisc_disabled/rule.yml
+++ b/linux_os/guide/services/base/service_rdisc_disabled/rule.yml
@@ -17,11 +17,12 @@ rationale: |-
some special-purpose systems often use DHCP (instead of IRDP) to retrieve
dynamic network configuration information.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27261-7
cce@rhel7: 80268-6
+ cce@rhel8: 80883-2
references:
stigid@rhel6: RHEL-06-000268
diff --git a/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml b/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml
index b21c11a6a..e01520f5c 100644
--- a/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml
+++ b/linux_os/guide/services/cron_and_at/service_atd_disabled/rule.yml
@@ -18,11 +18,12 @@ rationale: |-
accountability. Furthermore, the need to schedule tasks with at or
batch is not common.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27249-2
cce@rhel7: 80345-2
+ cce@rhel8: 80871-7
references:
stigid@rhel6: RHEL-06-000262
diff --git a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml
index 0d16f192c..52b6f8676 100644
--- a/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml
+++ b/linux_os/guide/services/cron_and_at/service_crond_enabled/rule.yml
@@ -19,6 +19,7 @@ severity: medium
identifiers:
cce@rhel6: 27070-2
cce@rhel7: 27323-5
+ cce@rhel8: 80875-8
references:
stigid@rhel6: RHEL-06-000224
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml
index 7a8bb8235..47bea73fe 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml
@@ -21,7 +21,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80548-1"
+ cce@rhel7: "80548-1"
references:
stigid: WA00612
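Review bot: renaming `cce` to `cce@rhel7` in the identifiers block means a product other than rhel7 that builds this rule no longer gets a CCE for it, while `stigid: WA00612` just below stays unscoped, so the two references now disagree on scope. If the rule is only meant for RHEL 7 content, say so in the commit message; if other products consume it, they need their own entries or the unscoped key should stay.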
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml
index b8cf4cd30..8da682989 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml
@@ -21,7 +21,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80551-5"
+ cce@rhel7: "80551-5"
references:
stigid: WG110
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml
index 91f80e92d..3911f83ba 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml
@@ -22,7 +22,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80561-4"
+ cce@rhel7: "80561-4"
references:
stigid: WG237
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml
index eeeb974b5..b0630338d 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_restrict_file_dir_access/http_configure_log_file_ownership/rule.yml
@@ -20,7 +20,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80562-2"
+ cce@rhel7: "80562-2"
references:
stigid: WG255
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml
index 81fc326e8..447e51b96 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_configure_perl_securely/httpd_configure_perl_taint/rule.yml
@@ -29,7 +29,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80560-6"
+ cce@rhel7: "80560-6"
references:
stigid: WG460
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml
index 2021de1da..770a4dc49 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_anonymous_content_sharing/rule.yml
@@ -20,7 +20,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80555-6"
+ cce@rhel7: "80555-6"
references:
stigid: WG210
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml
index bf815ffc5..9d2944eb5 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_configure_script_permissions/rule.yml
@@ -21,7 +21,7 @@ rationale: |-
severity: high
identifiers:
- cce: "80556-4"
+ cce@rhel7: "80556-4"
references:
stigid: WG290
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml
index 754e982a0..f0f64c438 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_disable_anonymous_ftp_access/rule.yml
@@ -21,7 +21,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80553-1"
+ cce@rhel7: "80553-1"
references:
stigid: WG430
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml
index 47b045ff4..302b50d75 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_directory_restrictions/httpd_ignore_htaccess_files/rule.yml
@@ -21,7 +21,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80554-9"
+ cce@rhel7: "80554-9"
references:
stigid: WG400
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml
index 8e2f7f0f3..ee94dd410 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_enable_error_logging/rule.yml
@@ -20,7 +20,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "81130-7"
+ cce@rhel7: "81130-7"
references:
stigid: WA00605
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml
index e59af0022..69f11e524 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_enable_loglevel/rule.yml
@@ -23,7 +23,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80550-7"
+ cce@rhel7: "80550-7"
references:
stigid: WA00620
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml
index c49f17bb9..8210b4268 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_enable_system_logging/rule.yml
@@ -21,7 +21,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80549-9"
+ cce@rhel7: "80549-9"
references:
stigid: WA00615
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml
index 7620f0730..08a16e8b4 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_minimize_loadable_modules/httpd_core_modules/httpd_enable_log_config/rule.yml
@@ -21,7 +21,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80552-3"
+ cce@rhel7: "80552-3"
references:
stigid: WG240
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml
index d34741b3f..a31989990 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_tls/rule.yml
@@ -23,7 +23,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80557-2"
+ cce@rhel7: "80557-2"
references:
stigid: WG340
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml
index d0be5950c..af5813d1e 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_configure_valid_server_cert/rule.yml
@@ -21,7 +21,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80559-8"
+ cce@rhel7: "80559-8"
references:
stigid: WG350
diff --git a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml
index 22909c0fe..7e346b721 100644
--- a/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml
+++ b/linux_os/guide/services/http/securing_httpd/httpd_modules_improve_security/httpd_deploy_mod_ssl/httpd_require_client_certs/rule.yml
@@ -19,7 +19,7 @@ rationale: |-
severity: medium
identifiers:
- cce: "80558-0"
+ cce@rhel7: "80558-0"
references:
stigid: WG140
diff --git a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
index ceef1201f..964692959 100644
--- a/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
+++ b/linux_os/guide/services/mail/postfix_harden_os/postfix_server_cfg/postfix_server_relay/postfix_prevent_unrestricted_relay/rule.yml
@@ -17,7 +17,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80512-7
+ cce@rhel7: 80512-7
references:
disa: "366"
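Review bot: style point on the `cce@rhel7: 80512-7` line: the value is unquoted here, while the httpd rules touched by the same patch write the identifier quoted (for example `cce@rhel7: "80548-1"`). Both forms load as strings, but since the line is being rewritten anyway, pick one form and use it across the patch so later tooling and grep patterns do not have to handle both.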
diff --git a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml
index b5d683bb3..fd9b76345 100644
--- a/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml
+++ b/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_kerberos_security_all_exports/rule.yml
@@ -19,6 +19,7 @@ severity: medium
identifiers:
cce@rhel7: 27464-7
+ cce@rhel8: 80924-4
references:
disa: "366"
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml
index 78932821b..6757afc1c 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/rule.yml
@@ -35,10 +35,11 @@ rationale: |-
unavailable. This is typical for a system acting as an NTP server for
other systems.
-severity: unknown
+severity: medium
identifiers:
cce@rhel7: 27012-4
+ cce@rhel8: 80764-4
references:
nist: AU-8(1)
diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml
index 285b35008..783d228b7 100644
--- a/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml
+++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/rule.yml
@@ -38,6 +38,7 @@ severity: medium
identifiers:
cce@rhel7: 27278-1
+ cce@rhel8: 80765-1
references:
cis: "3.6"
diff --git a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml
index cf346aa82..409f206c6 100644
--- a/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml
+++ b/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/rule.yml
@@ -37,6 +37,7 @@ severity: medium
identifiers:
cce@rhel7: 27444-9
+ cce@rhel8: 80874-1
references:
cis: 2.2.1.1
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml
index 7bc91ea9d..558fe0663 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/package_xinetd_removed/rule.yml
@@ -11,11 +11,12 @@ rationale: |-
Removing the xinetd package decreases the risk of the
xinetd service's accidental (or intentional) activation.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27005-8
cce@rhel7: 27354-0
+ cce@rhel8: 80850-1
references:
stigid@rhel6: RHEL-06-000204
diff --git a/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml b/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml
index cfa074998..67a52a931 100644
--- a/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml
+++ b/linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml
@@ -17,6 +17,7 @@ severity: medium
identifiers:
cce@rhel6: 27046-2
cce@rhel7: 27443-1
+ cce@rhel8: 80888-1
references:
stigid@rhel6: RHEL-06-000203
diff --git a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
index 2778ab6ca..84d41ad39 100644
--- a/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/no_host_based_files/rule.yml
@@ -21,7 +21,7 @@ rationale: |-
severity: high
identifiers:
- cce: 80513-5
+ cce@rhel7: 80513-5
references:
disa: "366"
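Review bot: the identifier is narrowed to `cce@rhel7: 80513-5` but no `cce@rhel8` entry is added, whereas the sibling r_services rules in this patch (no_rsh_trust_files, service_rexec_disabled, service_rlogin_disabled) each gain one. With severity high on this rule, a missing RHEL 8 identifier is worth a second look: either add the RHEL 8 CCE or note that the rule is intentionally not part of RHEL 8 content. The same question applies to no_user_host_based_files.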
diff --git a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/rule.yml
index f8567d3af..87515a365 100644
--- a/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/rule.yml
@@ -21,6 +21,7 @@ severity: high
identifiers:
cce@rhel6: 27270-8
cce@rhel7: 27406-8
+ cce@rhel8: 80842-8
references:
stigid@rhel6: RHEL-06-000019
diff --git a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
index 39a0a47e6..2a3e8e064 100644
--- a/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/no_user_host_based_files/rule.yml
@@ -21,7 +21,7 @@ rationale: |-
severity: high
identifiers:
- cce: 80514-3
+ cce@rhel7: 80514-3
references:
disa: "366"
diff --git a/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml
index 4d454081b..554a24017 100644
--- a/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml
@@ -20,6 +20,7 @@ severity: high
identifiers:
cce@rhel6: 27208-8
cce@rhel7: 27408-4
+ cce@rhel8: 80884-0
references:
stigid@rhel6: RHEL-06-000216
diff --git a/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml b/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml
index 65d935189..ea691cfe9 100644
--- a/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml
+++ b/linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml
@@ -22,6 +22,7 @@ severity: high
identifiers:
cce@rhel6: 26865-6
cce@rhel7: 27336-7
+ cce@rhel8: 80885-7
references:
stigid@rhel6: RHEL-06-000218
diff --git a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
index 85ce97ea3..bfc1ece90 100644
--- a/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml
@@ -16,11 +16,12 @@ rationale: |-
for communications. Removing the talk package decreases the
risk of the accidental (or intentional) activation of talk client program.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27373-0
cce@rhel7: 27432-4
+ cce@rhel8: 80848-5
references:
cis: 2.3.3
diff --git a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml
index 9e5611ac5..e93b7adb9 100644
--- a/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml
+++ b/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml
@@ -17,6 +17,7 @@ severity: low
identifiers:
cce@rhel6: 27428-2
cce@rhel7: 27305-2
+ cce@rhel8: 80849-3
references:
cis: 2.3.4
diff --git a/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml b/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml
index fc0435ede..a5f9fc5db 100644
--- a/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml
+++ b/linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml
@@ -41,6 +41,7 @@ severity: high
identifiers:
cce@rhel6: 26836-7
cce@rhel7: 27401-9
+ cce@rhel8: 80887-3
references:
disa@rhel6: 68,1436,197,877,888
diff --git a/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml b/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml
index e0d853b18..faf2141cc 100644
--- a/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml
+++ b/linux_os/guide/services/routing/disabling_quagga/service_zebra_disabled/rule.yml
@@ -16,6 +16,7 @@ severity: medium
identifiers:
cce@rhel7: 27191-6
+ cce@rhel8: 80889-9
references:
disa: "366"
diff --git a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/rule.yml
index b19ec72c4..68ffec513 100644
--- a/linux_os/guide/services/ssh/ssh_server/disable_host_auth/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/disable_host_auth/rule.yml
@@ -21,6 +21,7 @@ severity: medium
identifiers:
cce@rhel6: 27091-8
cce@rhel7: 27413-4
+ cce@rhel8: 80786-7
references:
stigid@rhel6: RHEL-06-000236
diff --git a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
index 969adcaed..733c1df84 100644
--- a/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/firewalld_sshd_port_enabled/rule.yml
@@ -15,10 +15,11 @@ rationale: |-
If inbound SSH connections are expected, adding a firewall rule exception
will allow remote access through the SSH port.
-severity: unknown
+severity: medium
identifiers:
cce@rhel7: 80361-9
+ cce@rhel8: 80820-4
references:
cui: 3.1.12
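Review bot: `severity: medium` is being set on a rule whose rationale in the context lines is conditional ("If inbound SSH connections are expected"). Raising it from unknown means a host that deliberately keeps the SSH port closed will now report a medium-severity finding, so confirm that medium is the intended rating and record the reasoning in the commit message, since the hunk otherwise reads as a CCE-only change.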
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/rule.yml
index 5cfceb130..f906b39a1 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/rule.yml
@@ -20,6 +20,7 @@ severity: high
identifiers:
cce@rhel6: 27072-8
cce@rhel7: 27320-1
+ cce@rhel8: 80894-9
references:
nist@debian8: AC-17(7)
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml
index 9fc4c3115..b20360f35 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml
@@ -20,6 +20,7 @@ severity: medium
identifiers:
cce@rhel7: 80224-9
+ cce@rhel8: 80895-6
references:
cui: 3.1.12
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
index 66e744763..64972b825 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_empty_passwords/rule.yml
@@ -18,6 +18,7 @@ severity: high
identifiers:
cce@rhel6: 26887-0
cce@rhel7: 27471-2
+ cce@rhel8: 80896-4
references:
anssi@debian8: NT007(R17)
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
index cd7819639..b748685d1 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_gssapi_auth/rule.yml
@@ -17,6 +17,7 @@ severity: medium
identifiers:
cce@rhel7: 80220-7
+ cce@rhel8: 80897-2
references:
cui: 3.1.12
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
index c7de48ef6..b88c71b85 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_kerb_auth/rule.yml
@@ -18,6 +18,7 @@ severity: medium
identifiers:
cce@rhel7: 80221-5
+ cce@rhel8: 80898-0
references:
cui: 3.1.12
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts/rule.yml
index c2bf06ff8..e7d29c89b 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts/rule.yml
@@ -20,6 +20,7 @@ severity: medium
identifiers:
cce@rhel6: 27124-7
cce@rhel7: 27377-1
+ cce@rhel8: 80899-8
references:
stigid@rhel6: RHEL-06-000234
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/rule.yml
index d13733f27..8f307e8b9 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_rhosts_rsa/rule.yml
@@ -19,6 +19,7 @@ severity: medium
identifiers:
cce@rhel7: 80373-4
+ cce@rhel8: 80900-4
references:
cui: 3.1.12
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
index 453cec5f2..722a4b8ed 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_root_login/rule.yml
@@ -21,6 +21,7 @@ severity: medium
identifiers:
cce@rhel6: 27100-7
cce@rhel7: 27445-6
+ cce@rhel8: 80901-2
references:
anssi@debian8: NT007(R21)
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
index 332ec16d0..361ab90d5 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_user_known_hosts/rule.yml
@@ -20,6 +20,7 @@ severity: medium
identifiers:
cce@rhel7: 80372-6
+ cce@rhel8: 80902-0
references:
cui: 3.1.12
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
index aee1825df..f0be1fd3f 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_do_not_permit_user_env/rule.yml
@@ -17,6 +17,7 @@ severity: medium
identifiers:
cce@rhel6: 27201-3
cce@rhel7: 27363-1
+ cce@rhel8: 80903-8
references:
stigid@rhel6: RHEL-06-000241
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
index 79b43e25d..b7776ff8b 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_strictmodes/rule.yml
@@ -17,6 +17,7 @@ severity: medium
identifiers:
cce@rhel7: 80222-3
+ cce@rhel8: 80904-6
references:
cui: 3.1.12
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
index 1a14f7c13..b5a22f08d 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_enable_warning_banner/rule.yml
@@ -20,6 +20,7 @@ severity: medium
identifiers:
cce@rhel6: 27112-2
cce@rhel7: 27314-4
+ cce@rhel8: 80905-3
references:
stigid@rhel6: RHEL-06-000240
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
index fdc8bf802..06b2ca8f9 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_idle_timeout/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 26919-1
cce@rhel7: 27433-2
+ cce@rhel8: 80906-1
references:
nist@debian8: SA-8
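Review bot: the hunk header shows this rule is still `severity: unknown`, yet the patch moves the other unknown-severity rules it touches to medium while adding their RHEL 8 CCEs. Either update the severity here as well or note why sshd_set_idle_timeout is the exception, otherwise the rule ships in RHEL 8 content with an identifier but no usable severity.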
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
index 5a6995cdf..28824306c 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_set_keepalive/rule.yml
@@ -16,6 +16,7 @@ severity: medium
identifiers:
cce@rhel6: 26282-4
cce@rhel7: 27082-7
+ cce@rhel8: 80907-9
references:
stigid@rhel6: RHEL-06-000231
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_priv_separation/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_use_priv_separation/rule.yml
index d0be2621a..58ddfb9e1 100644
--- a/linux_os/guide/services/ssh/ssh_server/sshd_use_priv_separation/rule.yml
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_use_priv_separation/rule.yml
@@ -17,6 +17,7 @@ severity: medium
identifiers:
cce@rhel7: 80223-1
+ cce@rhel8: 80908-7
references:
cui: 3.1.12
diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml
index 226b58908..367f1dd25 100644
--- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml
+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca/rule.yml
@@ -24,7 +24,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80516-8
+ cce@rhel7: 80516-8
references:
disa: "1453"
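Review bot: the `cce:` to `cce@rhel7:` rename on the identifiers line scopes 80516-8 to RHEL 7 only, and no `cce@rhel8` entry is added next to it as the neighbouring hunks do. If this rule is selected by a RHEL 8 profile, it will have no RHEL 8-scoped CCE after this change. Please confirm that is intended, or add the RHEL 8 identifier in the same commit. The same question applies to the other `cce:` to `cce@rhel7:` hunks in this patch.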
diff --git a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml
index 0aa4fe27b..8b710a6dc 100644
--- a/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml
+++ b/linux_os/guide/services/sssd/sssd-ldap/sssd_ldap_configure_tls_ca_dir/rule.yml
@@ -24,7 +24,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80515-0
+ cce@rhel7: 80515-0
references:
disa: "1453"
diff --git a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
index 33105633c..a3d40d51e 100644
--- a/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_enable_smartcards/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel7: 80570-5
+ cce@rhel8: 80909-5
references:
disa: "1954"
diff --git a/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml b/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml
index 54fe9f582..83af0add2 100644
--- a/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_memcache_timeout/rule.yml
@@ -24,6 +24,7 @@ severity: medium
identifiers:
cce@rhel7: 80364-3
+ cce@rhel8: 80910-3
references:
disa: "2007"
diff --git a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
index e2893d260..99154a3bf 100644
--- a/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
+++ b/linux_os/guide/services/sssd/sssd_offline_cred_expiration/rule.yml
@@ -21,6 +21,7 @@ severity: medium
identifiers:
cce@rhel7: 80365-0
+ cce@rhel8: 80911-1
references:
disa: "2007"
diff --git a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
index 62af708f9..df27b1a71 100644
--- a/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/banner_etc_issue/rule.yml
@@ -14,6 +14,7 @@ severity: medium
identifiers:
cce@rhel6: 26974-6
cce@rhel7: 27303-7
+ cce@rhel8: 80763-6
references:
stigid@rhel6: RHEL-06-000073
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
index 5a31ed7df..92d8b37e1 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_banner_enabled/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 26970-4
+ cce@rhel8: 80768-5
references:
cis: 1.7.2
diff --git a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
index 99331203d..b08d1c17b 100644
--- a/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-banners/gui_login_banner/dconf_gnome_login_banner_text/rule.yml
@@ -30,6 +30,7 @@ severity: medium
identifiers:
cce@rhel7: 26892-0
+ cce@rhel8: 80770-1
references:
cis: 1.7.2
diff --git a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
index 224dc1304..648bf8c09 100644
--- a/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/display_login_attempts/rule.yml
@@ -22,6 +22,7 @@ severity: low
identifiers:
cce@rhel6: 27291-4
cce@rhel7: 27275-7
+ cce@rhel8: 80788-3
references:
stigid@rhel6: RHEL-06-000372
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
index 13e3ce31c..0c3be3f48 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_unix_remember/rule.yml
@@ -28,6 +28,7 @@ severity: medium
identifiers:
cce@rhel6: 26741-9
cce@rhel7: 26923-3
+ cce@rhel8: 80666-1
references:
stigid@rhel6: RHEL-06-000274
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
index b55f4537f..72fa89173 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel6: 26844-1
cce@rhel7: 27350-8
+ cce@rhel8: 80667-9
references:
stigid@rhel6: RHEL-06-000061
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
index 18f26f896..9e227dc90 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_deny_root/rule.yml
@@ -15,6 +15,7 @@ severity: medium
identifiers:
cce@rhel7: 80353-6
+ cce@rhel8: 80668-7
references:
disa: "2238"
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
index c6669610f..5af47ce33 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_interval/rule.yml
@@ -37,6 +37,7 @@ severity: medium
identifiers:
cce@rhel6: 27215-3
cce@rhel7: 27297-1
+ cce@rhel8: 80669-5
references:
stigid@rhel6: RHEL-06-000357
diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
index 7b01031a3..d3ce96049 100644
--- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_passwords_pam_faillock_unlock_time/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel6: 27110-6
cce@rhel7: 26884-7
+ cce@rhel8: 80670-3
references:
stigid@rhel6: RHEL-06-000356
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
index 3b8796bc2..c2cc014a8 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel7: 27214-6
+ cce@rhel8: 80653-9
references:
cis: 6.3.2
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
index 7394eb774..a3e340ab0 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_difok/rule.yml
@@ -31,6 +31,7 @@ severity: medium
identifiers:
cce@rhel7: 26631-2
+ cce@rhel8: 80654-7
references:
cjis: 5.6.2.1.1
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
index 70a819dd5..f99df85db 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_lcredit/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel7: 27345-8
+ cce@rhel8: 80655-4
references:
disa: "193"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
index dd949a6f9..29bfdd417 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_minlen/rule.yml
@@ -24,6 +24,7 @@ severity: medium
identifiers:
cce@rhel7: 27293-0
+ cce@rhel8: 80656-2
references:
cis: 6.3.2
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
index f2a6a0a40..b983f7e2f 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ocredit/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel7: 27360-7
+ cce@rhel8: 80663-8
references:
disa: "1619"
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
index 8a7d222e0..3e030a77d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_retry/rule.yml
@@ -17,10 +17,11 @@ rationale: |-
draw additional attention to some types of password-guessing attacks. Note that this
is different from account lockout, which is provided by the pam_faillock module.
-severity: unknown
+severity: medium
identifiers:
cce@rhel7: 27160-1
+ cce@rhel8: 80664-6
references:
cis: 6.3.2
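Review bot: the `severity: unknown` to `severity: medium` change is bundled with the CCE addition, and nothing in the hunk says where `medium` comes from. The rationale context describes the retry limit as a way to draw attention to password guessing, distinct from account lockout, which does not by itself settle the rating. Suggest stating the source of the rating in the commit message, or moving the severity changes into their own commit so they can be reviewed separately from the identifier assignments.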
diff --git a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
index 01105a44d..018d38f7d 100644
--- a/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml
@@ -24,6 +24,7 @@ severity: medium
identifiers:
cce@rhel7: 27200-5
+ cce@rhel8: 80665-3
references:
cis: 6.3.2
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
index 0884f26b6..1cb4ca189 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_libuserconf/rule.yml
@@ -17,6 +17,7 @@ severity: medium
identifiers:
cce@rhel6: 27229-4
cce@rhel7: 27053-8
+ cce@rhel8: 80891-5
references:
stigid@rhel6: RHEL-06-000064
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
index 82cfd0c12..12b856252 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml
@@ -21,6 +21,7 @@ severity: medium
identifiers:
cce@rhel6: 27228-6
cce@rhel7: 27124-7
+ cce@rhel8: 80892-3
references:
stigid@rhel6: RHEL-06-000063
diff --git a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
index 5221c6b96..4c77b3837 100644
--- a/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_systemauth/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 26303-8
cce@rhel7: 27104-9
+ cce@rhel8: 80893-1
references:
stigid@rhel6: RHEL-06-000062
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
index 3da99ba13..4c2a01033 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_burstaction/rule.yml
@@ -22,6 +22,7 @@ severity: high
identifiers:
cce@rhel7: 80449-2
+ cce@rhel8: 80784-2
references:
cui: 3.4.5
diff --git a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
index 7efa627a6..f607d4213 100644
--- a/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/disable_ctrlaltdel_reboot/rule.yml
@@ -49,6 +49,7 @@ severity: high
identifiers:
cce@rhel7: 27511-5
+ cce@rhel8: 80785-9
references:
cui: 3.4.5
diff --git a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
index ea65f40d8..658249a28 100644
--- a/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/grub2_disable_interactive_boot/rule.yml
@@ -23,6 +23,7 @@ severity: medium
identifiers:
cce@rhel7: 27335-9
+ cce@rhel8: 80826-1
references:
cui: 3.1.2,3.4.5
diff --git a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
index be11787cb..65f9a9c5c 100644
--- a/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/require_singleuser_auth/rule.yml
@@ -36,6 +36,7 @@ severity: medium
identifiers:
cce@rhel6: 27040-5
cce@rhel7: 27287-2
+ cce@rhel8: 80855-0
references:
stigid@rhel6: RHEL-06-000069
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
index 34893bcc6..a2f5d4559 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/console_screen_locking/configure_tmux_lock_command/rule.yml
@@ -20,6 +20,9 @@ rationale: |-
severity: medium
+identifiers:
+ cce@rhel8: 80940-0
+
ocil_clause: 'lock-command is not set'
ocil: |-
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
index 9a44f66a3..7dafbfe65 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_card_drivers/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel7: 80565-5
+ cce@rhel8: 80766-9
references:
disa: 765,766,767,768,771,772,884
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_nss_db/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_nss_db/rule.yml
index c0259c9c6..37619fcb8 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_nss_db/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/configure_opensc_nss_db/rule.yml
@@ -20,6 +20,7 @@ severity: medium
identifiers:
cce@rhel7: 80567-1
+ cce@rhel8: 80767-7
references:
disa: 765,766,767,768,771,772,884
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml
index 356bf4bff..99cddf235 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/force_opensc_card_drivers/rule.yml
@@ -28,6 +28,7 @@ severity: medium
identifiers:
cce@rhel7: 80207-4
+ cce@rhel8: 80821-2
references:
disa: 765,766,767,768,771,772,884
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
index 63c570e07..6b01ddb2e 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/install_smartcard_packages/rule.yml
@@ -24,7 +24,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80519-2
+ cce@rhel7: 80519-2
references:
disa: "1954"
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
index 8203abbf0..8946fd764 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/package_opensc_installed/rule.yml
@@ -23,6 +23,7 @@ severity: medium
identifiers:
cce@rhel7: 80568-9
+ cce@rhel8: 80846-9
references:
disa: "1954"
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
index 941fad13b..d0a8cfa05 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/service_pcscd_enabled/rule.yml
@@ -23,6 +23,7 @@ severity: medium
identifiers:
cce@rhel7: 80569-7
+ cce@rhel8: 80881-6
references:
disa: "1954"
diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml
index cb49b7f17..56af0e394 100644
--- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/rule.yml
@@ -25,7 +25,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80520-0
+ cce@rhel7: 80520-0
references:
disa: "1954"
diff --git a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
index a186825b4..cfaf67eb2 100644
--- a/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-physical/service_debug-shell_disabled/rule.yml
@@ -24,6 +24,7 @@ severity: medium
identifiers:
cce@rhel7: 80206-6
+ cce@rhel8: 80876-6
references:
cui: 3.4.5
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
index f9ce8e7de..e59817b22 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_disable_post_pw_expiration/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel6: 27283-1
cce@rhel7: 27355-7
+ cce@rhel8: 80954-1
references:
stigid@rhel6: RHEL-06-000334
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_unique_name/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_unique_name/rule.yml
index 03f1e4681..d5ee139bc 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_unique_name/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/account_expiration/account_unique_name/rule.yml
@@ -6,11 +6,12 @@ description: 'Change usernames, or delete accounts, so each has a unique name.'
rationale: 'Unique usernames allow for accountability on the system.'
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27609-7
cce@rhel7: 80208-2
+ cce@rhel8: 80674-5
references:
stigid@rhel6: RHEL-06-000296
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
index 56ada88b3..7c5e6f74a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_maximum_age_login_defs/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel6: 26985-2
cce@rhel7: 27051-2
+ cce@rhel8: 80647-1
references:
stigid@rhel6: RHEL-06-000053
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
index 95d07174d..9e7a35775 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_minimum_age_login_defs/rule.yml
@@ -18,6 +18,7 @@ severity: medium
identifiers:
cce@rhel6: 27013-2
cce@rhel7: 27002-5
+ cce@rhel8: 80648-9
references:
stigid@rhel6: RHEL-06-000051
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
index e024b1244..c7cd5ce6a 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_minlen_login_defs/rule.yml
@@ -16,6 +16,7 @@ severity: medium
identifiers:
cce@rhel6: 27002-5
cce@rhel7: 27123-9
+ cce@rhel8: 80652-1
references:
stigid@rhel6: RHEL-06-000050
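Review bot: the context line `cce@rhel6: 27002-5` in this rule carries the same value as `cce@rhel7: 27002-5` in accounts_minimum_age_login_defs earlier in the patch. A CCE is meant to name a single configuration item, so one of the two is probably a copy error that predates this change. Worth checking against the CCE list and correcting while these files are being touched, so that the new `cce@rhel8: 80652-1` does not sit beside a wrong identifier.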
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
index 8ed61a8b2..4b04426a8 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_max_life_existing/rule.yml
@@ -19,7 +19,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80522-6
+ cce@rhel7: 80522-6
references:
disa: "199"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
index 2d5a65136..3427a3d1d 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_set_min_life_existing/rule.yml
@@ -19,7 +19,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80521-8
+ cce@rhel7: 80521-8
references:
disa: "198"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/rule.yml
index 81e6c1f28..86fcaa3ad 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_expiration/accounts_password_warn_age_login_defs/rule.yml
@@ -15,11 +15,12 @@ rationale: |-
Setting the password warning age enables users to
make the change at a practical time.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26988-6
cce@rhel7: 26486-1
+ cce@rhel8: 80671-1
references:
stigid@rhel6: RHEL-06-000054
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed/rule.yml
index ed47892de..77e5b8061 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/accounts_password_all_shadowed/rule.yml
@@ -18,6 +18,7 @@ severity: medium
identifiers:
cce@rhel6: 26476-2
cce@rhel7: 27352-4
+ cce@rhel8: 80651-3
references:
stigid@rhel6: RHEL-06-000031
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/gid_passwd_group_same/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/gid_passwd_group_same/rule.yml
index 43c0906ae..95f1095bf 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/gid_passwd_group_same/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/gid_passwd_group_same/rule.yml
@@ -14,6 +14,7 @@ severity: low
identifiers:
cce@rhel6: 27379-7
cce@rhel7: 27503-2
+ cce@rhel8: 80822-0
references:
stigid@rhel6: RHEL-06-000294
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
index fea018fa2..5ab22ceca 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_empty_passwords/rule.yml
@@ -19,6 +19,7 @@ severity: high
identifiers:
cce@rhel6: 27038-9
cce@rhel7: 27286-4
+ cce@rhel8: 80841-0
references:
stigid@rhel6: RHEL-06-000030
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
index 5622f7499..981072ed7 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/accounts_no_uid_except_zero/rule.yml
@@ -16,6 +16,7 @@ severity: high
identifiers:
cce@rhel6: 26971-2
cce@rhel7: 27175-9
+ cce@rhel8: 80649-7
references:
stigid@rhel6: RHEL-06-000032
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/rule.yml
index 727da27ea..ec22c7f91 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_direct_root_logins/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel6: 26891-2
cce@rhel7: 27294-8
+ cce@rhel8: 80840-2
references:
cis: "5.5"
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
index c0b2220cd..00f792a7d 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/no_shelllogin_for_systemaccounts/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel6: 26966-2
cce@rhel7: 26448-1
+ cce@rhel8: 80843-6
references:
disa@rhel6: '178'
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/rule.yml
index f4f83d736..983aaea44 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/restrict_serial_port_logins/rule.yml
@@ -18,6 +18,7 @@ severity: unknown
identifiers:
cce@rhel6: 27047-0
cce@rhel7: 27268-2
+ cce@rhel8: 80856-8
references:
stigid@rhel6: RHEL-06-000028
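Review bot: the hunk header for restrict_serial_port_logins still reads `severity: unknown` even though the rule now gains `cce@rhel8: 80856-8`. Elsewhere in this patch (accounts_root_path_dirs_no_write) the same situation was handled by changing `severity: unknown` to `severity: medium` in the same hunk. Either assign a severity here too or note in the commit message why this rule is left unrated.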
diff --git a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/rule.yml b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/rule.yml
index 1bae06775..960ce88b4 100644
--- a/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-restrictions/root_logins/securetty_root_login_console_only/rule.yml
@@ -20,6 +20,7 @@ severity: medium
identifiers:
cce@rhel6: 26855-7
cce@rhel7: 27318-5
+ cce@rhel8: 80864-2
references:
stigid@rhel6: RHEL-06-000027
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
index a33db7f55..97a516b31 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_max_concurrent_login_sessions/rule.yml
@@ -19,6 +19,7 @@ severity: low
identifiers:
cce@rhel6: 27457-1
cce@rhel7: 27081-9
+ cce@rhel8: 80955-8
references:
stigid@rhel6: RHEL-06-000319
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
index 2bf379ed3..e219c5cf8 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_tmout/rule.yml
@@ -21,6 +21,7 @@ severity: medium
identifiers:
cce@rhel6: 27333-4
cce@rhel7: 27557-8
+ cce@rhel8: 80673-7
references:
cui: 3.1.11
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml
index d9c532f87..c11a85a40 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_group_ownership/rule.yml
@@ -18,7 +18,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80526-7
+ cce@rhel7: 80526-7
references:
disa: "366"
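Review bot: changing `cce: 80526-7` to `cce@rhel7: 80526-7` scopes the identifier to RHEL 7 only, and no `cce@rhel8` line is added next to it, unlike the neighbouring rules in accounts-restrictions and accounts-session that receive one. If this rule is selected in any RHEL 8 profile it will now build without a CCE there. Please confirm that is intended, or add the rhel8 identifier in this change. The same applies to the other `cce:` to `cce@rhel7:` renames in accounts-session and user_umask.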
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
index 554a3ef9c..8b2877ff9 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_no_world_writable_programs/rule.yml
@@ -19,7 +19,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80523-4
+ cce@rhel7: 80523-4
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml
index 3d2a24e62..77d95db59 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_dot_user_ownership/rule.yml
@@ -17,7 +17,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80527-5
+ cce@rhel7: 80527-5
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
index e1eadd9fd..1166ed20b 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_home_paths_only/rule.yml
@@ -23,7 +23,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80524-2
+ cce@rhel7: 80524-2
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
index d620bb0aa..69b42ccce 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_defined/rule.yml
@@ -15,7 +15,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80528-3
+ cce@rhel7: 80528-3
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
index 5c0774d8c..6d803c903 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_user_interactive_home_directory_exists/rule.yml
@@ -20,7 +20,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80529-1
+ cce@rhel7: 80529-1
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
index 747281ef0..a414b4e6b 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_groupownership/rule.yml
@@ -17,7 +17,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80534-1
+ cce@rhel7: 80534-1
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml
index a9df4e84e..ab77bc555 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_ownership/rule.yml
@@ -18,7 +18,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80533-3
+ cce@rhel7: 80533-3
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
index 2f3af6738..adaa13531 100644
--- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/rule.yml
@@ -16,7 +16,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80535-8
+ cce@rhel7: 80535-8
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
index 62e0d90e2..6e1a016fb 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_groupownership_home_directories/rule.yml
@@ -19,7 +19,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80532-5
+ cce@rhel7: 80532-5
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml
index 717d6d041..48f84c88c 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_ownership_home_directories/rule.yml
@@ -18,7 +18,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80531-7
+ cce@rhel7: 80531-7
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
index 4ce8b4d55..801672ee5 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_permission_user_init_files/rule.yml
@@ -17,7 +17,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80525-9
+ cce@rhel7: 80525-9
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
index 789bea9c2..18323547e 100644
--- a/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/file_permissions_home_directories/rule.yml
@@ -17,7 +17,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80530-9
+ cce@rhel7: 80530-9
references:
disa: "366"
diff --git a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/rule.yml b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/rule.yml
index ec09e14c4..e9669cf58 100644
--- a/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/root_paths/accounts_root_path_dirs_no_write/rule.yml
@@ -13,11 +13,12 @@ rationale: |-
execute code provided by unprivileged users,
and potentially malicious code.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26768-2
cce@rhel7: 80200-9
+ cce@rhel8: 80672-9
references:
disa: "366"
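Review bot: the `severity: unknown` to `severity: medium` change in this hunk is a policy decision separate from assigning `cce@rhel8: 80672-9`. The rationale lines visible above (executing code provided by unprivileged users) support a rating, but the choice of medium should be stated in the commit message, or split into its own commit, so it can be reviewed independently of the identifier bookkeeping.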
diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
index f1a7fa125..d58ee6339 100644
--- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
+++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/rule.yml
@@ -17,7 +17,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80536-6
+ cce@rhel7: 80536-6
references:
disa: "1814"
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml
index c10938e8c..9649a2ded 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 26280-8
cce@rhel7: 27339-1
+ cce@rhel8: 80685-1
references:
stigid@rhel6: RHEL-06-000184
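Review bot: audit_rules_dac_modification_chmod keeps `severity: unknown` (see the hunk header), as do chown, fchmod, fchmodat, fchown, fchownat, fsetxattr, lchown, lsetxattr and setxattr below, while the sibling rules fremovexattr, lremovexattr and removexattr in the same directory are already `severity: medium`. Since these rules are being touched for RHEL 8 anyway, consider aligning the severity across the whole audit_dac_actions family, or open a follow-up so the RHEL 8 content does not ship with unrated audit rules.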
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml
index 60e709f53..2e395a9f3 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 27173-4
cce@rhel7: 27364-9
+ cce@rhel8: 80686-9
references:
stigid@rhel6: RHEL-06-000185
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml
index b4c79f035..6e198cbc6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 27174-2
cce@rhel7: 27393-8
+ cce@rhel8: 80687-7
references:
stigid@rhel6: RHEL-06-000186
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml
index 36d318c6f..83527e945 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 27175-9
cce@rhel7: 27388-8
+ cce@rhel8: 80688-5
references:
stigid@rhel6: RHEL-06-000187
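Review bot: the context line `cce@rhel6: 27175-9` in this hunk carries the same value as `cce@rhel7: 27175-9` on accounts_no_uid_except_zero earlier in this patch. Both lines pre-date this change, but a CCE is meant to identify a single configuration item, so one of the two is probably a copy error. Worth verifying against the CCE lists before more identifiers are layered on top.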
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml
index 1e5b80170..f3a5f7f78 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 27177-5
cce@rhel7: 27356-5
+ cce@rhel8: 80689-3
references:
stigid@rhel6: RHEL-06-000188
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml
index d2fc3fb4f..6732047ab 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 27178-3
cce@rhel7: 27387-0
+ cce@rhel8: 80690-1
references:
stigid@rhel6: RHEL-06-000189
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
index e643dd7fc..7465bfe9b 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml
@@ -34,6 +34,7 @@ severity: medium
identifiers:
cce@rhel6: 27179-1
cce@rhel7: 27353-2
+ cce@rhel8: 80691-9
references:
stigid@rhel6: RHEL-06-000190
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
index a509cd43c..c625c2475 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 27180-9
cce@rhel7: 27389-6
+ cce@rhel8: 80692-7
references:
stigid@rhel6: RHEL-06-000191
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml
index 9e6c70649..4c0804c73 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 27181-7
cce@rhel7: 27083-5
+ cce@rhel8: 80693-5
references:
stigid@rhel6: RHEL-06-000192
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
index 4fe072bc8..a6be5564d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml
@@ -34,6 +34,7 @@ severity: medium
identifiers:
cce@rhel6: 27182-5
cce@rhel7: 27410-0
+ cce@rhel8: 80694-3
references:
stigid@rhel6: RHEL-06-000193
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
index e2b4d5e8c..29b2dc307 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 27183-3
cce@rhel7: 27280-7
+ cce@rhel8: 80695-0
references:
stigid@rhel6: RHEL-06-000194
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
index 9baaf7411..2093a4152 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml
@@ -33,6 +33,7 @@ severity: medium
identifiers:
cce@rhel6: 27184-1
cce@rhel7: 27367-2
+ cce@rhel8: 80696-8
references:
stigid@rhel6: RHEL-06-000195
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
index 67e9beb2c..8446637bc 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml
@@ -29,6 +29,7 @@ severity: unknown
identifiers:
cce@rhel6: 27185-8
cce@rhel7: 27213-8
+ cce@rhel8: 80697-6
references:
stigid@rhel6: RHEL-06-000196
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
index 98838b70c..feb8aad6f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_chcon/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80393-2
+ cce@rhel8: 80698-4
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml
index 1004ecc0c..6fbed3dd6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_restorecon/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80394-0
+ cce@rhel8: 80699-2
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
index e2dbdd5a6..0f9793b38 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_semanage/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80391-6
+ cce@rhel8: 80700-8
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
index 44ebae92a..478cf0850 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_setsebool/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80392-4
+ cce@rhel8: 80701-6
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml
index 80c36cc9a..1c582219f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_execution_selinux_commands/audit_rules_execution_seunshare/rule.yml
@@ -30,6 +30,9 @@ rationale: |-
severity: medium
+identifiers:
+ cce@rhel8: 80933-5
+
references:
ospp@rhel7: FAU_GEN.1.1.c
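Review bot: the new `identifiers:` block for audit_rules_execution_seunshare contains only `cce@rhel8: 80933-5`, yet the references directly below include `ospp@rhel7: FAU_GEN.1.1.c`, so the rule is clearly used for RHEL 7 as well. The sibling rules chcon, restorecon, semanage and setsebool all have a `cce@rhel7` entry. Please check whether a RHEL 7 CCE exists for this rule and add it here, or record that none has been assigned.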
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
index eb1d33675..816997d6e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events/rule.yml
@@ -26,6 +26,7 @@ severity: medium
identifiers:
cce@rhel6: 26651-0
cce@rhel7: 27206-2
+ cce@rhel8: 80702-4
references:
disa@rhel6: "126"
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml
index 75890215e..a06682bb5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel7: 27206-2
+ cce@rhel8: 80703-2
references:
cis: 5.2.14
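Review bot: the context line `cce@rhel7: 27206-2` here is the same identifier used by the parent rule audit_rules_file_deletion_events and again by the unlink and unlinkat rules, whereas the new rhel8 lines give each rule its own CCE (80702-4, 80703-2, 80706-5, 80707-3). The RHEL 8 assignment looks like the right model. Please confirm the shared RHEL 7 value is a known legacy of splitting the parent rule, since scanners keyed on CCE will not be able to tell these four RHEL 7 results apart.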
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml
index 92ad7d70d..01137eae9 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel7: 80413-8
+ cce@rhel8: 80704-0
references:
cis: 5.2.14
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml
index f5eda6870..4bf9c795b 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel7: 80412-0
+ cce@rhel8: 80705-7
references:
cis: 5.2.14
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml
index 2e3c71d36..b4f638f41 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel7: 27206-2
+ cce@rhel8: 80706-5
references:
cis: 5.2.14
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml
index 88306a0f6..f93df0924 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel7: 27206-2
+ cce@rhel8: 80707-3
references:
cis: 5.2.14
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
index a8f05038a..a0dfb4a25 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading/rule.yml
@@ -33,6 +33,7 @@ severity: medium
identifiers:
cce@rhel6: 26611-4
cce@rhel7: 27129-6
+ cce@rhel8: 80709-9
references:
disa@rhel6: "126"
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml
index dde79de47..5980f509f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_create/rule.yml
@@ -23,6 +23,9 @@ rationale: |-
severity: medium
+identifiers:
+ cce@rhel8: 80710-7
+
references:
disa: "172"
srg: SRG-OS-000471-GPOS-00216,SRG-OS-000477-GPOS-00222
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
index ddb5c3acb..c57f0a1d9 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml
@@ -25,6 +25,7 @@ severity: medium
identifiers:
cce@rhel7: 80415-3
+ cce@rhel8: 80711-5
references:
cis: 5.2.17
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
index 5010a07ab..71943c022 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml
@@ -25,6 +25,7 @@ severity: medium
identifiers:
cce@rhel7: 80547-3
+ cce@rhel8: 80712-3
references:
cis: 5.2.17
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
index f70cbc02c..0c4cb5541 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml
@@ -25,6 +25,7 @@ severity: medium
identifiers:
cce@rhel7: 80414-6
+ cce@rhel8: 80713-1
references:
cis: 5.2.17
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_insmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_insmod/rule.yml
index 958452d05..14ca4922e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_insmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_insmod/rule.yml
@@ -24,6 +24,7 @@ severity: medium
identifiers:
cce@rhel7: 80446-8
+ cce@rhel8: 80714-9
references:
cis: 5.2.17
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_modprobe/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_modprobe/rule.yml
index e923739af..d037b2a34 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_modprobe/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_modprobe/rule.yml
@@ -24,6 +24,7 @@ severity: medium
identifiers:
cce@rhel7: 80417-9
+ cce@rhel8: 80715-6
references:
cis: 5.2.17
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_rmmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_rmmod/rule.yml
index 6cd132654..b22487fc6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_rmmod/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_rmmod/rule.yml
@@ -24,6 +24,7 @@ severity: medium
identifiers:
cce@rhel7: 80416-1
+ cce@rhel8: 80716-4
references:
cis: 5.2.17
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
index 8d415c8b7..f23a9b9c8 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel6: 26691-6
cce@rhel7: 27204-7
+ cce@rhel8: 80717-2
references:
nist@rhel6: AC-3(10)
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
index caadcd3cb..9d9da4b72 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml
@@ -26,6 +26,7 @@ severity: medium
identifiers:
cce@rhel7: 80383-3
+ cce@rhel8: 80718-0
references:
cis: 5.2.8
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
index 6cf28ce80..674079217 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml
@@ -26,6 +26,7 @@ severity: medium
identifiers:
cce@rhel7: 80384-1
+ cce@rhel8: 80719-8
references:
cis: 5.2.8
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
index 18b6ba452..34b8f3cd1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml
@@ -26,6 +26,7 @@ severity: medium
identifiers:
cce@rhel7: 80382-5
+ cce@rhel8: 80720-6
references:
cis: 5.2.8
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/rule.yml
index 7c2773334..b3bfa16eb 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/rule.yml
@@ -39,6 +39,7 @@ severity: medium
identifiers:
cce@rhel6: 26457-2
cce@rhel7: 27437-3
+ cce@rhel8: 80724-8
references:
disa@rhel6: "40"
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
index 400c8129e..f2b40b448 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chage/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80398-1
+ cce@rhel8: 80725-5
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
index 903c13208..4285aec38 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_chsh/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80404-7
+ cce@rhel8: 80726-3
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
index 9ac6bd819..371d82ecd 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_crontab/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80410-4
+ cce@rhel8: 80727-1
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
index 537e6ba41..4e8e2f0ee 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_gpasswd/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80397-3
+ cce@rhel8: 80728-9
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
index 8b381bbf8..b9cf8d67f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_newgrp/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80403-9
+ cce@rhel8: 80729-7
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
index 6c597d0ad..8474aba30 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pam_timestamp_check/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80411-2
+ cce@rhel8: 80730-5
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
index 575ab8c53..ed1afd38a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_passwd/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80395-7
+ cce@rhel8: 80731-3
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
index 6b2457029..ea6de5430 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postdrop/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80406-2
+ cce@rhel8: 80732-1
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
index 54965075c..8c30cee5f 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_postqueue/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80407-0
+ cce@rhel8: 80733-9
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml
index 8bcfcb899..6e3ca8682 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_pt_chown/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80409-6
+ cce@rhel8: 80734-7
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
index 466d8fc04..c43768cb5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_ssh_keysign/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80408-8
+ cce@rhel8: 80735-4
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
index a6e0a50ae..e0f39441a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_su/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80400-5
+ cce@rhel8: 80736-2
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
index 92881180c..1a3045761 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudo/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80401-3
+ cce@rhel8: 80737-0
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
index cca1be806..76cb01ab1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_sudoedit/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80402-1
+ cce@rhel8: 80738-8
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
index 53f3f61d7..9e921f00c 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_umount/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80405-4
+ cce@rhel8: 80739-6
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
index 17fd7e93f..25b47655a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_unix_chkpwd/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80396-5
+ cce@rhel8: 80740-4
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
index d28d2d7ed..db802f631 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_userhelper/rule.yml
@@ -32,6 +32,7 @@ severity: medium
identifiers:
cce@rhel7: 80399-9
+ cce@rhel8: 80741-2
references:
cui: 3.1.7
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml
index 269a019bd..de7d8c510 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open/rule.yml
@@ -22,6 +22,9 @@ rationale: |-
severity: medium
+identifiers:
+ cce@rhel8: 80927-7
+
references:
ospp@rhel7: FAU_GEN.1.1.c
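Review bot: the new `identifiers:` block carries only `cce@rhel8: 80927-7`, while the `references:` context directly below it lists `ospp@rhel7`, so the rule is in use for RHEL 7 as well. Confirm that no RHEL 7 CCE is assigned to this rule. If one exists, add it in the same block so the identifiers cover every product the references name. The same question applies to the other audit_rules_etc_group_* and audit_rules_etc_passwd_* open rules in this patch, which get the same rhel8-only block.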
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml
index 2333cab53..8f36c074e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_open_by_handle_at/rule.yml
@@ -22,6 +22,9 @@ rationale: |-
severity: medium
+identifiers:
+ cce@rhel8: 80929-3
+
references:
ospp@rhel7: FAU_GEN.1.1.c
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml
index 83629fba4..dc04e13f6 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_group_openat/rule.yml
@@ -22,6 +22,9 @@ rationale: |-
severity: medium
+identifiers:
+ cce@rhel8: 80928-5
+
references:
ospp@rhel7: FAU_GEN.1.1.c
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml
index f0ea00296..0d56be161 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open/rule.yml
@@ -22,6 +22,9 @@ rationale: |-
severity: medium
+identifiers:
+ cce@rhel8: 80930-1
+
references:
ospp@rhel7: FAU_GEN.1.1.c
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml
index 3af3e184b..c8df487f9 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_open_by_handle_at/rule.yml
@@ -21,6 +21,9 @@ rationale: |-
Auditing these events could serve as evidence of potential system compromise.
severity: medium
+
+identifiers:
+ cce@rhel8: 80932-7
references:
ospp@rhel7: FAU_GEN.1.1.c
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml
index 6166aa138..2ccdd2230 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_etc_passwd_openat/rule.yml
@@ -22,6 +22,9 @@ rationale: |-
severity: medium
+identifiers:
+ cce@rhel8: 80931-9
+
references:
ospp@rhel7: FAU_GEN.1.1.c
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml
index 2823cd707..7067ef478 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel6: 26612-2
cce@rhel7: 27097-5
+ cce@rhel8: 80708-1
references:
cis: 4.1.18
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/rule.yml
index 67c80e966..9d4f44e9a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/rule.yml
@@ -18,11 +18,12 @@ rationale: |-
arbitrarily changed by anything other than administrator action. All changes to
MAC policy should be audited.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26657-7
cce@rhel7: 27168-4
+ cce@rhel8: 80721-4
references:
stigid@rhel6: RHEL-06-000183
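Review bot: the `severity: unknown` to `severity: medium` change at the top of this hunk is a policy change that is independent of the `cce@rhel8: 80721-4` addition, and nothing in the hunk says where the medium rating comes from. Either split the severity updates into their own commit or state the source of the rating in the commit message, since the severity applies to every product that uses the rule and not only RHEL 8. The same bundled change appears in the audit_rules_networkconfig_modification, audit_rules_session_events, audit_rules_usergroup_modification and audit_rules_time_* hunks.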
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml
index 8740350ec..cdd32d85e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel6: 26573-6
cce@rhel7: 27447-2
+ cce@rhel8: 80722-2
references:
stigid@rhel6: RHEL-06-000199
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/rule.yml
index 3c23ad814..866bc867d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/rule.yml
@@ -28,11 +28,12 @@ rationale: |-
than administrator action. Any change to network parameters should be
audited.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26648-6
cce@rhel7: 27076-9
+ cce@rhel8: 80723-0
references:
stigid@rhel6: RHEL-06-000182
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/rule.yml
index 3aac975f9..96057cdec 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/rule.yml
@@ -24,11 +24,12 @@ rationale: |-
Manual editing of these files may indicate nefarious activity, such
as an attacker attempting to remove evidence of an intrusion.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26610-6
cce@rhel7: 27301-1
+ cce@rhel8: 80742-0
references:
nist@rhel6: AC-3(10)
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/rule.yml
index 4ad19e125..539199c7a 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/rule.yml
@@ -25,6 +25,7 @@ severity: unknown
identifiers:
cce@rhel6: 26662-7
cce@rhel7: 27461-3
+ cce@rhel8: 80743-8
references:
stigid@rhel6: RHEL-06-000201
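Review bot: the hunk header shows this rule still at `severity: unknown`, and the patch adds `cce@rhel8: 80743-8` without touching it, whereas the neighbouring rules that were `unknown` (audit_rules_session_events, audit_rules_networkconfig_modification, audit_rules_mac_modification) are all moved to `medium` in this same change. If audit_rules_sysadmin_actions was skipped by oversight, add the `-severity: unknown` / `+severity: medium` pair here as well; if it is intentionally left unrated, say so in the commit message.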
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
index 42e99187c..bbf1584aa 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_system_shutdown/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel7: 80381-7
+ cce@rhel8: 80744-6
references:
cui: 3.3.1,3.3.4
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/rule.yml
index 2838470d8..dbb92ce93 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/rule.yml
@@ -29,11 +29,12 @@ rationale: |-
will alert the system administrator(s) to any modifications. Any unexpected
users, groups, or modifications should be investigated for legitimacy.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26664-3
cce@rhel7: 27192-4
+ cce@rhel8: 80757-8
references:
stigid@rhel6: RHEL-06-000174
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
index 47d6f06ac..24a39a602 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel7: 80433-6
+ cce@rhel8: 80758-6
references:
cis: 5.2.5
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
index dbe900e3e..d90b668b5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel7: 80432-8
+ cce@rhel8: 80759-4
references:
cis: 5.2.5
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
index 958483a1a..e6c81a5f1 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel7: 80430-2
+ cce@rhel8: 80760-2
references:
cis: 5.2.5
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
index 0e8ed3b5b..78f096588 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel7: 80435-1
+ cce@rhel8: 80761-0
references:
cis: 5.2.5
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
index 081244a11..521322767 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel7: 80431-0
+ cce@rhel8: 80762-8
references:
cis: 5.2.5
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/rule.yml
index bb71a9050..c4b754b04 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/rule.yml
@@ -28,11 +28,12 @@ rationale: |-
are highly dependent upon an accurate system time (such as sshd). All changes
to the system time should be audited.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26242-8
cce@rhel7: 27290-6
+ cce@rhel8: 80745-3
references:
stigid@rhel6: RHEL-06-000165
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/rule.yml
index de2c4dfda..de2ae9ce7 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_clock_settime/rule.yml
@@ -28,11 +28,12 @@ rationale: |-
are highly dependent upon an accurate system time (such as sshd). All changes
to the system time should be audited.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27170-0
cce@rhel7: 27219-5
+ cce@rhel8: 80746-1
references:
stigid@rhel6: RHEL-06-000171
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/rule.yml
index b8e2f5c95..a6188c2be 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_settimeofday/rule.yml
@@ -28,11 +28,12 @@ rationale: |-
are highly dependent upon an accurate system time (such as sshd). All changes
to the system time should be audited.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27203-9
cce@rhel7: 27216-1
+ cce@rhel8: 80747-9
references:
stigid@rhel6: RHEL-06-000167
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/rule.yml
index 7b2fe7b9f..2e74abf14 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_stime/rule.yml
@@ -32,11 +32,12 @@ rationale: |-
are highly dependent upon an accurate system time (such as sshd). All changes
to the system time should be audited.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27169-2
cce@rhel7: 27299-7
+ cce@rhel8: 80748-7
references:
stigid@rhel6: RHEL-06-000169
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/rule.yml
index 08c8de2b4..3072909c0 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_watch_localtime/rule.yml
@@ -22,11 +22,12 @@ rationale: |-
are highly dependent upon an accurate system time (such as sshd). All changes
to the system time should be audited.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27172-6
cce@rhel7: 27310-2
+ cce@rhel8: 80749-5
references:
stigid@rhel6: RHEL-06-000173
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
index f1770e00b..95fba1e0b 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification/rule.yml
@@ -33,6 +33,7 @@ severity: medium
identifiers:
cce@rhel6: 26712-0
cce@rhel7: 27347-4
+ cce@rhel8: 80750-3
references:
disa@rhel6: "126"
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
index 18ebaa0ef..050921624 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml
@@ -34,6 +34,7 @@ severity: medium
identifiers:
cce@rhel7: 80385-8
+ cce@rhel8: 80751-1
references:
cis: 5.2.10
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
index 371131bcc..7b4d89af2 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml
@@ -34,6 +34,7 @@ severity: medium
identifiers:
cce@rhel7: 80390-8
+ cce@rhel8: 80752-9
references:
cis: 5.2.10
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
index 21ca96d59..00d7748d5 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml
@@ -34,6 +34,7 @@ severity: medium
identifiers:
cce@rhel7: 80386-6
+ cce@rhel8: 80753-7
references:
cis: 5.2.10
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
index 6699c644f..776f2335e 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_open_by_handle_at/rule.yml
@@ -34,6 +34,7 @@ severity: medium
identifiers:
cce@rhel7: 80388-2
+ cce@rhel8: 80755-2
references:
cis: 5.2.10
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
index 463d85b56..a89a18d03 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml
@@ -34,6 +34,7 @@ severity: medium
identifiers:
cce@rhel7: 80387-4
+ cce@rhel8: 80754-5
references:
cis: 5.2.10
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
index 1a0416a1f..1f5f946e2 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_unsuccessful_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml
@@ -34,6 +34,7 @@ severity: medium
identifiers:
cce@rhel7: 80389-0
+ cce@rhel8: 80756-0
references:
cis: 5.2.10
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/rule.yml
index d4dc9d2f8..1567576de 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_access_var_log_audit/rule.yml
@@ -22,7 +22,10 @@ rationale: |-
references:
ospp@rhel7: FAU_GEN.1.1.c
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80941-8
ocil_clause: "no line is returned"
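Review bot: the new `identifiers:` block lands after `severity:` and after `references:`, whereas the other rule.yml files in this patch keep the order severity, identifiers, references. Consider moving `references:` below the new block so the key order matches the rest of the tree. Also note the block carries only `cce@rhel8: 80941-8`; if the rule applies to rhel7 (the `ospp@rhel7` reference suggests it does), a rhel7 identifier is still missing.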
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit/rule.yml
index 8a6d2eb96..b5e02986d 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_ownership_var_log_audit/rule.yml
@@ -16,6 +16,7 @@ severity: medium
identifiers:
cce@rhel6: 27244-3
cce@rhel7: 80125-8
+ cce@rhel8: 80808-9
references:
stigid@rhel6: RHEL-06-000384
diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
index fb0cf9133..740509406 100644
--- a/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
+++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_permissions_var_log_audit/rule.yml
@@ -19,6 +19,7 @@ severity: medium
identifiers:
cce@rhel6: 27243-5
cce@rhel7: 27205-4
+ cce@rhel8: 80819-6
references:
stigid@rhel6: RHEL-06-000383
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
index 2af5cd02f..f108f2942 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_configure_remote_server/rule.yml
@@ -27,7 +27,8 @@ rationale: |-
severity: medium
identifiers:
- cce: 80541-6
+ cce@rhel7: 80541-6
+ cce@rhel8: 80925-1
references:
disa: "1851"
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
index a9eaf4c7a..0635d1e5e 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_disk_full_action/rule.yml
@@ -22,7 +22,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80539-0
+ cce@rhel7: 80539-0
references:
disa: "1851"
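Review bot: replacing the unscoped `cce: 80539-0` with `cce@rhel7: 80539-0` narrows the identifier to one product, and no `cce@rhel8` line is added here, unlike the sibling auditd_audispd_configure_remote_server and auditd_audispd_encrypt_sent_records hunks, which get 80925-1 and 80926-9. Please confirm that no other product was relying on the unscoped key and that the missing rhel8 entry is intentional (rule not in the RHEL8 profile) rather than an omission. The same question applies to the auditd_audispd_network_failure_action hunk below.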
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
index fba580ae4..a3721388c 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_encrypt_sent_records/rule.yml
@@ -24,7 +24,8 @@ rationale: |-
severity: medium
identifiers:
- cce: 80540-8
+ cce@rhel7: 80540-8
+ cce@rhel8: 80926-9
references:
disa: "1851"
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml
index 6feb77b47..c8699c7ba 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_network_failure_action/rule.yml
@@ -22,7 +22,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80538-2
+ cce@rhel7: 80538-2
references:
disa: "1851"
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml
index 184e59fd1..6c03602a7 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_audispd_syslog_plugin_activated/rule.yml
@@ -26,6 +26,7 @@ severity: medium
identifiers:
cce@rhel6: 26933-2
cce@rhel7: 27341-7
+ cce@rhel8: 80677-8
references:
stigid@rhel6: RHEL-06-000509
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
index 97675adf8..66657c615 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_action_mail_acct/rule.yml
@@ -18,6 +18,7 @@ severity: medium
identifiers:
cce@rhel6: 27241-9
cce@rhel7: 27394-6
+ cce@rhel8: 80678-6
references:
stigid@rhel6: RHEL-06-000313
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/rule.yml
index 3824c19da..3bf1e42b3 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_admin_space_left_action/rule.yml
@@ -25,6 +25,7 @@ severity: medium
identifiers:
cce@rhel6: 27239-3
cce@rhel7: 27370-6
+ cce@rhel8: 80679-4
references:
stigid@rhel6: RHEL-06-000163
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml
index 138e14392..4fe519084 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_flush/rule.yml
@@ -16,10 +16,11 @@ rationale: |-
log integrity. These parameters assure that all audit event data is fully
synchronized with the log files on the disk.
-severity: unknown
+severity: medium
identifiers:
cce@rhel7: 27331-8
+ cce@rhel8: 80680-2
references:
cui: 3.3.1
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/rule.yml
index cdc57663a..1531320e1 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file/rule.yml
@@ -22,6 +22,7 @@ severity: medium
identifiers:
cce@rhel6: 27550-3
cce@rhel7: 27319-3
+ cce@rhel8: 80681-0
references:
stigid@rhel6: RHEL-06-000160
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml
index ae3fd8723..182e86bd2 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_max_log_file_action/rule.yml
@@ -30,6 +30,7 @@ severity: medium
identifiers:
cce@rhel6: 27237-7
cce@rhel7: 27231-0
+ cce@rhel8: 80682-8
references:
stigid@rhel6: RHEL-06-000161
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/rule.yml
index f60ecab0b..a83876bf8 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_num_logs/rule.yml
@@ -21,6 +21,7 @@ severity: medium
identifiers:
cce@rhel6: 27522-2
cce@rhel7: 27348-2
+ cce@rhel8: 80683-6
references:
stigid@rhel6: RHEL-06-000159
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml
index 96f9da5e3..22793b81a 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left/rule.yml
@@ -21,7 +21,7 @@ severity: medium
identifiers:
cce@rhel6: 80507-7
- cce: 80537-4
+ cce@rhel7: 80537-4
references:
stigid@rhel6: RHEL-06-000311
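Review bot: after this change the rule has `cce@rhel6` and `cce@rhel7` but no `cce@rhel8`, while the closely related auditd_data_retention_space_left_action rule in the next hunk receives `cce@rhel8: 80684-4`. If space_left is expected to be checked on RHEL8 together with space_left_action, it needs its own rhel8 identifier; otherwise a short note in the commit message on why it is excluded would help.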
diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
index 1995b59bd..26498a02b 100644
--- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
+++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_retention_space_left_action/rule.yml
@@ -31,6 +31,7 @@ severity: medium
identifiers:
cce@rhel6: 27238-5
cce@rhel7: 27375-5
+ cce@rhel8: 80684-4
references:
stigid@rhel6: RHEL-06-000005
diff --git a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
index 1c405fc87..6e8072cd6 100644
--- a/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
+++ b/linux_os/guide/system/auditing/grub2_audit_argument/rule.yml
@@ -21,6 +21,7 @@ severity: medium
identifiers:
cce@rhel7: 27212-0
+ cce@rhel8: 80825-3
references:
cis: 4.1.3
diff --git a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
index b646ec725..1e56ff0aa 100644
--- a/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
+++ b/linux_os/guide/system/auditing/grub2_audit_backlog_limit_argument/rule.yml
@@ -17,7 +17,10 @@ rationale: |-
are stored in this queue. If the queue is overrun during boot process, the action
defined by audit failure flag is taken.
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80943-4
ocil_clause: 'audit backlog limit is not configured'
diff --git a/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml b/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml
index c48a7bb7f..f7e5cf665 100644
--- a/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml
+++ b/linux_os/guide/system/auditing/service_auditd_enabled/rule.yml
@@ -23,6 +23,7 @@ severity: high
identifiers:
cce@rhel6: 27058-7
cce@rhel7: 27407-6
+ cce@rhel8: 80872-5
references:
stigid@rhel6: RHEL-06-000145
diff --git a/linux_os/guide/system/bootloader-grub2/file_groupowner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/file_groupowner_grub2_cfg/rule.yml
index 7381dd3c9..50c69b389 100644
--- a/linux_os/guide/system/bootloader-grub2/file_groupowner_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/file_groupowner_grub2_cfg/rule.yml
@@ -18,6 +18,7 @@ severity: medium
identifiers:
cce@rhel7: 26812-8
+ cce@rhel8: 80800-6
references:
cis: 1.4.1
diff --git a/linux_os/guide/system/bootloader-grub2/file_owner_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/file_owner_grub2_cfg/rule.yml
index 63f29aafd..81883aa0d 100644
--- a/linux_os/guide/system/bootloader-grub2/file_owner_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/file_owner_grub2_cfg/rule.yml
@@ -16,6 +16,7 @@ severity: medium
identifiers:
cce@rhel7: 26860-7
+ cce@rhel8: 80805-5
references:
cis: 1.4.1
diff --git a/linux_os/guide/system/bootloader-grub2/file_permissions_grub2_cfg/rule.yml b/linux_os/guide/system/bootloader-grub2/file_permissions_grub2_cfg/rule.yml
index 0a048f2a3..88c3eb9a8 100644
--- a/linux_os/guide/system/bootloader-grub2/file_permissions_grub2_cfg/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/file_permissions_grub2_cfg/rule.yml
@@ -16,6 +16,7 @@ severity: medium
identifiers:
cce@rhel7: 27054-6
+ cce@rhel8: 80814-7
references:
cis: 1.4.1
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_no_removeable_media/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_no_removeable_media/rule.yml
index 52430f5e4..6c66ca02e 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_no_removeable_media/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_no_removeable_media/rule.yml
@@ -18,7 +18,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80517-6
+ cce@rhel7: 80517-6
references:
disa: "1814"
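Review bot: the `cce` to `cce@rhel7` rename is the only change in this hunk, so the rule ends up with no rhel8 identifier, while the other bootloader-grub2 rules in this patch (grub2_password, grub2_uefi_password and the grub2.cfg ownership and permission rules) all gain one. Confirm the rule is meant to be left out of RHEL8 content; the same applies to uefi_no_removeable_media further down.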
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_password/rule.yml
index 5160c7ced..d3d6b7d6d 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_password/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_password/rule.yml
@@ -48,6 +48,7 @@ severity: high
identifiers:
cce@rhel7: 27309-4
+ cce@rhel8: 80828-7
references:
cis: 1.4.2
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_uefi_password/rule.yml
index b3f5fb311..c65b87fd6 100644
--- a/linux_os/guide/system/bootloader-grub2/grub2_uefi_password/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/grub2_uefi_password/rule.yml
@@ -48,6 +48,7 @@ severity: medium
identifiers:
cce@rhel7: 80354-4
+ cce@rhel8: 80829-5
references:
cis: 1.4.2
diff --git a/linux_os/guide/system/bootloader-grub2/uefi_no_removeable_media/rule.yml b/linux_os/guide/system/bootloader-grub2/uefi_no_removeable_media/rule.yml
index 0cfef2f75..78a4f5452 100644
--- a/linux_os/guide/system/bootloader-grub2/uefi_no_removeable_media/rule.yml
+++ b/linux_os/guide/system/bootloader-grub2/uefi_no_removeable_media/rule.yml
@@ -18,7 +18,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80518-4
+ cce@rhel7: 80518-4
references:
disa: "1814"
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
index 33b4d8e4e..05e82f5c1 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/rule.yml
@@ -20,6 +20,7 @@ severity: medium
identifiers:
cce@rhel7: 80380-9
+ cce@rhel8: 80859-2
references:
disa: "366"
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/rule.yml
index 92128698c..52d7b9616 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_groupownership/rule.yml
@@ -24,6 +24,7 @@ severity: medium
identifiers:
cce@rhel6: 26821-9
cce@rhel7: 80190-2
+ cce@rhel8: 80860-0
references:
anssi@debian8: NT28(R46),NT28(R5)
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/rule.yml
index 45dfffb5a..f3e3176aa 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_ownership/rule.yml
@@ -24,6 +24,7 @@ severity: medium
identifiers:
cce@rhel6: 26812-8
cce@rhel7: 80189-4
+ cce@rhel8: 80861-8
references:
anssi@debian8: NT28(R46),NT28(R5)
diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/rule.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/rule.yml
index dca943d5f..79d1ad93f 100644
--- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/rule.yml
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_files_permissions/rule.yml
@@ -14,6 +14,7 @@ severity: medium
identifiers:
cce@rhel6: 27190-8
cce@rhel7: 80191-0
+ cce@rhel8: 80862-6
references:
cis@debian8: 5.1.4
diff --git a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/rule.yml b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/rule.yml
index 21ed3ae98..9871085f7 100644
--- a/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/rule.yml
+++ b/linux_os/guide/system/logging/log_rotation/ensure_logrotate_activated/rule.yml
@@ -15,11 +15,12 @@ rationale: |-
that they fill up the /var/log partition. Valuable logging information could be lost
if the /var/log partition becomes full.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27014-0
cce@rhel7: 80195-1
+ cce@rhel8: 80794-1
references:
stigid@rhel6: RHEL-06-000138
diff --git a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
index 6f6da0dfb..fb0c701f2 100644
--- a/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
+++ b/linux_os/guide/system/logging/package_rsyslog_installed/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 26809-4
cce@rhel7: 80187-8
+ cce@rhel8: 80847-7
references:
cis@debian8: 5.1.1
diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
index 4dbe9612d..716571b6f 100644
--- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
+++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_loghost/rule.yml
@@ -38,6 +38,7 @@ severity: unknown
identifiers:
cce@rhel6: 26801-1
cce@rhel7: 27343-3
+ cce@rhel8: 80863-4
references:
cis@debian8: 5.1.5
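Review bot: the hunk header shows this rule is still at `severity: unknown`, while the same patch raises other rules (for example ensure_logrotate_activated) from unknown to medium alongside their new rhel8 CCE. If the severity cleanup is meant to cover every rule that receives a rhel8 identifier, set it here as well; if leaving it unrated is deliberate, say so in the commit message.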
diff --git a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
index 6f07d64a7..2b3c056d3 100644
--- a/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
+++ b/linux_os/guide/system/logging/service_rsyslog_enabled/rule.yml
@@ -15,6 +15,7 @@ severity: medium
identifiers:
cce@rhel6: 26807-8
cce@rhel7: 80188-6
+ cce@rhel8: 80886-5
references:
cis@debian8: 5.1.2
diff --git a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
index 7e7cc10e9..99314a436 100644
--- a/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/firewalld_activation/service_firewalld_enabled/rule.yml
@@ -15,6 +15,7 @@ severity: medium
identifiers:
cce@rhel7: 27361-5
+ cce@rhel8: 80877-4
references:
cis: "4.7"
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/rule.yml
index 8549c324b..d884bc366 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/configure_firewalld_rate_limiting/rule.yml
@@ -26,7 +26,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80542-4
+ cce@rhel7: 80542-4
references:
disa: "2385"
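Review bot: scoping `cce: 80542-4` to `cce@rhel7` without adding a `cce@rhel8` line leaves this rule unidentified on RHEL8, although service_firewalld_enabled and set_firewalld_default_zone in the neighbouring hunks both receive rhel8 CCEs. Please confirm the rate-limiting rule is intentionally excluded from RHEL8 rather than overlooked.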
diff --git a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
index cf0944f94..0c3dc0712 100644
--- a/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
+++ b/linux_os/guide/system/network/network-firewalld/ruleset_modifications/set_firewalld_default_zone/rule.yml
@@ -22,6 +22,7 @@ severity: medium
identifiers:
cce@rhel7: 27349-0
+ cce@rhel8: 80890-7
references:
cjis: 5.10.1
diff --git a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
index 7b743e4aa..dc0fc9b4a 100644
--- a/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
+++ b/linux_os/guide/system/network/network-ipsec/libreswan_approved_tunnels/rule.yml
@@ -18,6 +18,7 @@ severity: medium
identifiers:
cce@rhel7: 80171-2
+ cce@rhel8: 80836-0
references:
disa: "336"
diff --git a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
index 4aad1cce8..05336397d 100644
--- a/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
+++ b/linux_os/guide/system/network/network-ipsec/package_libreswan_installed/rule.yml
@@ -19,6 +19,7 @@ severity: medium
identifiers:
cce@rhel6: 27626-1
cce@rhel7: 80170-4
+ cce@rhel8: 80845-1
references:
srg@rhel6: SRG-OS-000160
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
index ed6ad3e71..954999e6e 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_all_accept_redirects/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 27027-2
cce@rhel7: 80158-9
+ cce@rhel8: 80917-8
references:
stigid@rhel6: RHEL-06-000084
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
index ff28c1d52..8909a90a7 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_redirects/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 27015-7
cce@rhel7: 80163-9
+ cce@rhel8: 80919-4
references:
stigid@rhel6: RHEL-06-000091
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
index ac49111a1..47da88024 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_conf_default_accept_source_route/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 26983-7
cce@rhel7: 80162-1
+ cce@rhel8: 80920-2
references:
stigid@rhel6: RHEL-06-000089
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
index d3a2c9e33..dec9cf231 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_icmp_echo_ignore_broadcasts/rule.yml
@@ -18,6 +18,7 @@ severity: medium
identifiers:
cce@rhel6: 26883-9
cce@rhel7: 80165-4
+ cce@rhel8: 80922-8
references:
stigid@rhel6: RHEL-06-000092
diff --git a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
index c3433b443..f2e173439 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_and_router_parameters/sysctl_net_ipv4_tcp_syncookies/rule.yml
@@ -19,6 +19,7 @@ severity: medium
identifiers:
cce@rhel6: 27053-8
cce@rhel7: 27495-1
+ cce@rhel8: 80923-6
references:
stigid@rhel6: RHEL-06-000095
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
index 5c265f54f..837712899 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_all_send_redirects/rule.yml
@@ -18,6 +18,7 @@ severity: medium
identifiers:
cce@rhel6: 27004-1
cce@rhel7: 80156-3
+ cce@rhel8: 80918-6
references:
stigid@rhel6: RHEL-06-000081
diff --git a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
index 1b9ea87e5..818dd1f61 100644
--- a/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
+++ b/linux_os/guide/system/network/network-kernel/network_host_parameters/sysctl_net_ipv4_conf_default_send_redirects/rule.yml
@@ -18,6 +18,7 @@ severity: medium
identifiers:
cce@rhel6: 27001-7
cce@rhel7: 80156-3
+ cce@rhel8: 80921-0
references:
stigid@rhel6: RHEL-06-000080
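Review bot: The context line `cce@rhel7: 80156-3` in this hunk is the same value that sysctl_net_ipv4_conf_all_send_redirects carries in the preceding hunk, so two different rules share one RHEL 7 CCE. A CCE is meant to name a single configuration item, so one of the two is presumably a copy-paste error. Since this file is already being touched to add `cce@rhel8: 80921-0`, please look up the correct RHEL 7 identifier for the default.send_redirects rule and fix it here or in a follow-up. Otherwise results keyed on CCE cannot tell the two settings apart.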
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml
index 929d2d630..c7b61975a 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_dccp_disabled/rule.yml
@@ -19,6 +19,7 @@ severity: medium
identifiers:
cce@rhel6: 26448-1
cce@rhel7: 26828-4
+ cce@rhel8: 80833-7
references:
stigid@rhel6: RHEL-06-000124
diff --git a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
index 86ab0c31c..33a96719e 100644
--- a/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-uncommon/kernel_module_sctp_disabled/rule.yml
@@ -20,6 +20,7 @@ severity: medium
identifiers:
cce@rhel6: 26410-1
cce@rhel7: 27106-4
+ cce@rhel8: 80834-5
references:
stigid@rhel6: RHEL-06-000125
diff --git a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
index 0413b8190..5e02f40e9 100644
--- a/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
+++ b/linux_os/guide/system/network/network-wireless/wireless_software/kernel_module_bluetooth_disabled/rule.yml
@@ -21,6 +21,7 @@ severity: medium
identifiers:
cce@rhel6: 26763-3
cce@rhel7: 27327-6
+ cce@rhel8: 80832-9
references:
stigid@rhel6: RHEL-06-000315
diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
index abbd3e671..da6816719 100644
--- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
+++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/rule.yml
@@ -20,11 +20,12 @@ description: |-
rationale: "Failing to set the sticky bit on public directories allows unauthorized users to delete files in the directory structure.\n
\nThe only authorized public directories are those temporary directories supplied with the system, \nor those designed to be temporary file repositories. The setting is normally reserved for directories \nused by the system, by users for temporary file storage (such as /tmp), and for directories \nrequiring global read/write access."
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26840-9
cce@rhel7: 80130-8
+ cce@rhel8: 80783-4
references:
stigid@rhel6: RHEL-06-000336
diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
index dad9c0f31..259a79541 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_sgid/rule.yml
@@ -15,11 +15,12 @@ rationale: |-
unprivileged users to elevate privileges. The presence of these files should be
strictly controlled on the system.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26769-0
cce@rhel7: 80132-4
+ cce@rhel8: 80816-2
references:
cis: 6.1.14
diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
index 5ccf98274..894273c87 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_suid/rule.yml
@@ -15,11 +15,12 @@ rationale: |-
unprivileged users to elevate privileges. The presence of these files should be
strictly controlled on the system.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26497-8
cce@rhel7: 80133-2
+ cce@rhel8: 80817-0
references:
cis: 6.1.13
diff --git a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/rule.yml b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/rule.yml
index 24f3efa62..bb57854c4 100644
--- a/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/rule.yml
+++ b/linux_os/guide/system/permissions/files/file_permissions_unauthorized_world_writable/rule.yml
@@ -23,6 +23,7 @@ severity: medium
identifiers:
cce@rhel6: 26910-0
cce@rhel7: 80131-6
+ cce@rhel8: 80818-8
references:
stigid@rhel6: RHEL-06-000282
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml
index 6f864fecd..9130e759a 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_group/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 26930-8
cce@rhel7: 27037-1
+ cce@rhel8: 80796-6
references:
stigid@rhel6: RHEL-06-000043
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml
index cc3746ad9..9e1cc6264 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_gshadow/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 26975-3
cce@rhel7: 26840-9
+ cce@rhel8: 80797-4
references:
stigid@rhel6: RHEL-06-000037
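Review bot: The existing `cce@rhel7: 26840-9` on file_groupowner_etc_gshadow matches the `cce@rhel6: 26840-9` shown for dir_perms_world_writable_sticky_bits earlier in this patch. Those are unrelated settings (group ownership of /etc/gshadow versus sticky bits on world-writable directories), so the same identifier on both looks like a stale or mistyped value. Please verify both against the published CCE lists before the new `cce@rhel8: 80797-4` line is merged next to it, so the block does not keep carrying a known-suspect ID.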
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_passwd/rule.yml
index 9d171e350..7d1bf839d 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_passwd/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_passwd/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 26856-5
cce@rhel7: 26639-5
+ cce@rhel8: 80798-2
references:
stigid@rhel6: RHEL-06-000040
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml
index f6ec7e154..e9f6d40b6 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_groupowner_etc_shadow/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 26967-0
cce@rhel7: 27125-4
+ cce@rhel8: 80799-0
references:
stigid@rhel6: RHEL-06-000034
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml
index c0496430f..c88acfd1a 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_group/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 26822-7
cce@rhel7: 26933-2
+ cce@rhel8: 80801-4
references:
stigid@rhel6: RHEL-06-000042
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml
index 22b6dadb0..a061f14ec 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_gshadow/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 27026-4
cce@rhel7: 27161-9
+ cce@rhel8: 80802-2
references:
stigid@rhel6: RHEL-06-000036
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml
index 3e8fba2b8..c317b7e4f 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_passwd/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@rhel6: 26953-0
cce@rhel7: 27138-7
+ cce@rhel8: 80803-0
references:
stigid@rhel6: RHEL-06-000039
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml
index ac0aac953..7db00cd0a 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_owner_etc_shadow/rule.yml
@@ -16,6 +16,7 @@ severity: medium
identifiers:
cce@rhel6: 26947-2
cce@rhel7: 26795-5
+ cce@rhel8: 80804-8
references:
stigid@rhel6: RHEL-06-000033
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml
index dbccf7ea0..efc21706f 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_group/rule.yml
@@ -14,6 +14,7 @@ severity: medium
identifiers:
cce@rhel6: 26954-8
cce@rhel7: 26949-8
+ cce@rhel8: 80810-5
references:
stigid@rhel6: RHEL-06-000044
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml
index c7673ecc8..12da56efa 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_gshadow/rule.yml
@@ -14,6 +14,7 @@ severity: medium
identifiers:
cce@rhel6: 26951-4
cce@rhel7: 27162-7
+ cce@rhel8: 80811-3
references:
anssi@debian8: NT28(R36)
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_passwd/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_passwd/rule.yml
index 0f5e2585b..5fedecd7d 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_passwd/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_passwd/rule.yml
@@ -16,6 +16,7 @@ severity: medium
identifiers:
cce@rhel6: 26868-0
cce@rhel7: 26887-0
+ cce@rhel8: 80812-1
references:
stigid@rhel6: RHEL-06-000041
diff --git a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml
index dea08423d..394dda148 100644
--- a/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_important_account_files/file_permissions_etc_shadow/rule.yml
@@ -17,6 +17,7 @@ severity: medium
identifiers:
cce@rhel6: 26992-8
cce@rhel7: 27100-7
+ cce@rhel8: 80813-9
references:
anssi@debian8: NT28(R36)
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
index 1baa608b2..106d404a6 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_binary_dirs/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel6: 27623-8
cce@rhel7: 27119-7
+ cce@rhel8: 80806-3
references:
stigid@rhel6: RHEL-06-000048
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
index 1248f001f..6fb992748 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/rule.yml
@@ -28,6 +28,7 @@ severity: medium
identifiers:
cce@rhel6: 27424-1
cce@rhel7: 26648-6
+ cce@rhel8: 80807-1
references:
stigid@rhel6: RHEL-06-000046
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
index 2a749490a..8aa5becb6 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_binary_dirs/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel6: 27289-8
cce@rhel7: 27075-1
+ cce@rhel8: 80809-7
references:
stigid@rhel6: RHEL-06-000047
diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
index f8f5eacaa..d2339f156 100644
--- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
+++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/rule.yml
@@ -28,6 +28,7 @@ severity: medium
identifiers:
cce@rhel6: 27381-3
cce@rhel7: 26966-2
+ cce@rhel8: 80815-4
references:
stigid@rhel6: RHEL-06-000045
diff --git a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
index ccba1a95e..7d16722aa 100644
--- a/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/kernel_module_usb-storage_disabled/rule.yml
@@ -21,6 +21,7 @@ severity: medium
identifiers:
cce@rhel6: 27016-5
cce@rhel7: 27277-3
+ cce@rhel8: 80835-2
references:
stigid@rhel6: RHEL-06-000503
diff --git a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
index 2dc0d3082..2c531bc4f 100644
--- a/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/mounting/service_autofs_disabled/rule.yml
@@ -27,6 +27,7 @@ severity: medium
identifiers:
cce@rhel6: 26976-1
cce@rhel7: 27498-5
+ cce@rhel8: 80873-3
references:
stigid@rhel6: RHEL-06-000526
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
index 685ddbf9e..bd2c6467a 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nodev/rule.yml
@@ -8,11 +8,12 @@ rationale: |-
The only legitimate location for device files is the /dev directory
located on the root partition. The only exception to this is chroot jails.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26778-1
cce@rhel7: 80152-2
+ cce@rhel8: 80837-8
references:
cis: 1.1.15
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
index f6d7a8105..90c39c4ee 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_noexec/rule.yml
@@ -15,11 +15,12 @@ rationale: |-
Allowing users to execute binaries from world-writable directories
such as /dev/shm can expose the system to potential compromise.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26622-1
cce@rhel7: 80153-0
+ cce@rhel8: 80838-6
references:
cis: 1.1.17
diff --git a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
index 9c54c6f7f..f7c1dcf6c 100644
--- a/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
+++ b/linux_os/guide/system/permissions/partitions/mount_option_dev_shm_nosuid/rule.yml
@@ -12,11 +12,12 @@ rationale: |-
The presence of SUID and SGID executables should be tightly controlled. Users
should not be able to execute SUID or SGID binaries from temporary storage partitions.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26486-1
cce@rhel7: 80154-8
+ cce@rhel8: 80839-4
references:
cis: 1.1.16
diff --git a/linux_os/guide/system/permissions/restrictions/coredumps/sysctl_fs_suid_dumpable/rule.yml b/linux_os/guide/system/permissions/restrictions/coredumps/sysctl_fs_suid_dumpable/rule.yml
index a3eab555f..1e67f62f1 100644
--- a/linux_os/guide/system/permissions/restrictions/coredumps/sysctl_fs_suid_dumpable/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/coredumps/sysctl_fs_suid_dumpable/rule.yml
@@ -11,11 +11,12 @@ rationale: |-
setuid program to write a core file decreases the risk of unauthorized access
of such data.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27044-7
cce@rhel7: 26900-1
+ cce@rhel8: 80912-9
references:
cis: 1.5.1
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
index affd0996a..aa4a5782f 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_exec_shield/rule.yml
@@ -13,6 +13,7 @@ severity: medium
identifiers:
cce@hrel6: 27007-4
cce@rhel7: 27211-2
+ cce@rhel8: 80914-5
references:
srg@rhel6: SRG-OS-999999
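Review bot: The context line directly above the addition reads `cce@hrel6: 27007-4`, and `hrel6` is not a product key used anywhere else in this patch. It is almost certainly a typo for `cce@rhel6`, which means the RHEL 6 build of this rule is probably not picking up its CCE. Please correct the key in this same hunk while adding `cce@rhel8: 80914-5`.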
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
index 492d2e7c0..3701e9f75 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict/rule.yml
@@ -13,6 +13,9 @@ rationale: |-
severity: low
+identifiers:
+ cce@rhel8: 80915-2
+
references:
anssi: NT28(R23)
diff --git a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
index 2b0e58380..d5db3d846 100644
--- a/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_randomize_va_space/rule.yml
@@ -11,6 +11,7 @@ severity: medium
identifiers:
cce@rhel6: 26999-3
cce@rhel7: 27127-0
+ cce@rhel8: 80916-0
references:
stigid@rhel6: RHEL-06-000078
diff --git a/linux_os/guide/system/permissions/restrictions/grub2_vsyscall_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/grub2_vsyscall_argument/rule.yml
index bac986fe1..dfc1ddd91 100644
--- a/linux_os/guide/system/permissions/restrictions/grub2_vsyscall_argument/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/grub2_vsyscall_argument/rule.yml
@@ -15,7 +15,10 @@ rationale: |-
Virtual Syscalls provide an opportunity of attack for a user who has control
of the return instruction pointer.
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80946-7
ocil_clause: 'vsyscalls are enabled'
diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
index a296a4b48..b8ecfa8e0 100644
--- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_page_poison_argument/rule.yml
@@ -18,7 +18,10 @@ rationale: |-
This prevents many types of use-after-free vulnerabilities at little performance cost.
Also prevents leak of data and detection of corrupted memory.
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80944-2
ocil_clause: 'page allocator poisoning is not enabled'
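Review bot: The rationale context line "Also prevents leak of data and detection of corrupted memory." parses as saying that poisoning prevents detection of corrupted memory, which is the opposite of the intent. Now that the rule gets `severity: medium` and a CCE and will show up in RHEL 8 reports, please reword it, for example to "It also prevents data leaks and enables detection of corrupted memory." The grub2_slub_debug_argument hunk that follows carries the identical sentence and needs the same fix.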
diff --git a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
index d5dbfcf25..cbe8f5ca6 100644
--- a/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/poisoning/grub2_slub_debug_argument/rule.yml
@@ -18,7 +18,10 @@ rationale: |-
This prevents many types of use-after-free vulnerabilities at little performance cost.
Also prevents leak of data and detection of corrupted memory.
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80945-9
ocil_clause: 'SLUB/SLAB poisoning is not enabled'
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
index a4bd28eca..6a869f9bb 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml
@@ -8,11 +8,12 @@ description: '{{{ describe_sysctl_option_value(sysctl="kernel.dmesg_restrict", v
rationale: "Unprivileged access to the kernel syslog can expose sensitive kernel \naddress information."
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27366-4
cce@rhel7: 27050-4
+ cce@rhel8: 80913-7
references:
cui: 3.1.5
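Review bot: `severity: medium` here is inconsistent with sysctl_kernel_kptr_restrict, which earlier in this patch keeps `severity: low`. This rule's own rationale is about exposure of "sensitive kernel address information", and kptr_restrict addresses the same class of leak. Please either align the two severities or say in the commit message why dmesg_restrict ranks higher, so the `unknown` to `medium` change is a stated decision and not a bulk default.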
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
index af4b96bdd..a6c1186a7 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_kexec_load_disabled/rule.yml
@@ -10,8 +10,10 @@ rationale: |
Disabling kexec_load allows greater control of the kernel memory.
It makes it impossible to load another kernel image after it has been disabled.
-severity: unknown
+severity: medium
+identifiers:
+ cce@rhel8: 80952-5
{{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.kexec_load_disabled", value="1") }}}
diff --git a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
index 49a883eb2..f75b65c2a 100644
--- a/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
+++ b/linux_os/guide/system/permissions/restrictions/sysctl_kernel_yama_ptrace_scope/rule.yml
@@ -12,8 +12,10 @@ rationale: |
sensitive information from the target processes (e.g. SSH sessions, web browser, ...)
without any additional assistance from the user (i.e. without resorting to phishing).
-severity: unknown
+severity: medium
+identifiers:
+ cce@rhel8: 80953-3
{{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.yama.ptrace_scope", value="1") }}}
diff --git a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
index ae76ca147..ad099555d 100644
--- a/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
+++ b/linux_os/guide/system/selinux/grub2_enable_selinux/rule.yml
@@ -19,6 +19,7 @@ severity: medium
identifiers:
cce@rhel7: 26961-3
+ cce@rhel8: 80827-9
references:
cis: 1.6.1.1
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml
index b4b1bf09a..c60e255f5 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execheap/rule.yml
@@ -13,6 +13,9 @@ rationale: ""
severity: medium
+identifiers:
+ cce@rhel8: 80949-1
+
references:
hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e)
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml
index 6d1f90f4f..3df0591ab 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execmod/rule.yml
@@ -13,6 +13,9 @@ rationale: ""
severity: medium
+identifiers:
+ cce@rhel8: 80950-9
+
references:
hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e)
diff --git a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml
index 409acdeb2..588d0ef9b 100644
--- a/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml
+++ b/linux_os/guide/system/selinux/selinux-booleans/sebool_selinuxuser_execstack/rule.yml
@@ -14,6 +14,9 @@ rationale: ""
severity: medium
+identifiers:
+ cce@rhel8: 80951-7
+
references:
hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e)
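Review bot: The hunk header shows this rule still has `rationale: ""`, and the same is true of the sebool_selinuxuser_execheap and sebool_selinuxuser_execmod hunks above. Assigning `cce@rhel8` identifiers makes these three rules citable in RHEL 8 compliance output, where an empty rationale gives an auditor nothing to justify the setting. Please add a short rationale to each (why executable stack, heap or text relocation is restricted for confined users), in this patch or in a tracked follow-up.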
diff --git a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
index 1fb2f4ae5..e18a20a74 100644
--- a/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_all_devicefiles_labeled/rule.yml
@@ -15,6 +15,7 @@ severity: medium
identifiers:
cce@rhel6: 26774-0
cce@rhel7: 27326-8
+ cce@rhel8: 80866-7
references:
stigid@rhel6: RHEL-06-000025
diff --git a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
index a83397321..8e07f14a0 100644
--- a/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_confinement_of_daemons/rule.yml
@@ -23,6 +23,7 @@ severity: medium
identifiers:
cce@rhel6: 27111-4
cce@rhel7: 27288-0
+ cce@rhel8: 80867-5
references:
cis: 1.6.1.6
diff --git a/linux_os/guide/system/selinux/selinux_policytype/rule.yml b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
index 22176cf44..5ed6508ed 100644
--- a/linux_os/guide/system/selinux/selinux_policytype/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_policytype/rule.yml
@@ -30,6 +30,7 @@ severity: high
identifiers:
cce@rhel6: 26875-5
cce@rhel7: 27279-9
+ cce@rhel8: 80868-3
references:
stigid@rhel6: RHEL-06-000023
diff --git a/linux_os/guide/system/selinux/selinux_state/rule.yml b/linux_os/guide/system/selinux/selinux_state/rule.yml
index 58d5f6e24..e03031912 100644
--- a/linux_os/guide/system/selinux/selinux_state/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_state/rule.yml
@@ -21,6 +21,7 @@ severity: high
identifiers:
cce@rhel6: 26969-6
cce@rhel7: 27334-2
+ cce@rhel8: 80869-1
references:
stigid@rhel6: RHEL-06-000020
diff --git a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
index 946779230..fc1f87b41 100644
--- a/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
+++ b/linux_os/guide/system/selinux/selinux_user_login_roles/rule.yml
@@ -33,7 +33,7 @@ rationale: |-
severity: medium
identifiers:
- cce: 80543-2
+ cce@rhel7: 80543-2
references:
disa: "2235"
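Review bot: This is the only hunk in this part of the patch that rewrites an identifier without adding a `cce@rhel8` line, so selinux_user_login_roles ends up with no RHEL 8 CCE. Please confirm that is intentional (no RHEL 8 CCE allocated yet, or the rule is not in the RHEL 8 profile) and not an omission. Also confirm that 80543-2 really is the RHEL 7 assignment, since the old unqualified `cce:` key gave no platform and the change asserts one.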
diff --git a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
index a0271ea39..636dbc8b1 100644
--- a/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/encrypt_partitions/rule.yml
@@ -45,6 +45,7 @@ severity: high
identifiers:
cce@rhel6: 27596-6
cce@rhel7: 27128-8
+ cce@rhel8: 80789-1
references:
stigid@rhel6: RHEL-06-000275
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
index 7a70dedcb..b3683d950 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_tmp/rule.yml
@@ -17,6 +17,7 @@ severity: low
identifiers:
cce@rhel6: 26435-8
cce@rhel7: 27173-4
+ cce@rhel8: 80851-9
references:
anssi@debian8: NT28(R12)
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
index 950c64a1c..59f3e7efb 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var/rule.yml
@@ -19,6 +19,7 @@ severity: low
identifiers:
cce@rhel6: 26639-5
cce@rhel7: 26404-4
+ cce@rhel8: 80852-7
references:
anssi@debian8: NT28(R12)
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
index 5dff78f5d..0106f11e1 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log/rule.yml
@@ -12,11 +12,12 @@ rationale: |-
enables better separation between log files
and other files in /var/.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 26215-4
cce@rhel7: 26967-0
+ cce@rhel8: 80853-5
references:
anssi@debian8: NT28(R12),NT28(R47)
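Review bot: `severity: medium` on partition_for_var_log is out of step with its siblings in this same patch: partition_for_tmp, partition_for_var and partition_for_var_log_audit all show `severity: low` in their hunk headers. Replacing `unknown` is right, but the value should be chosen deliberately; either use `low` to match the other partition rules or explain why a separate /var/log rates higher than a separate /var/log/audit.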
diff --git a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
index b95bf4874..e9eab6ecb 100644
--- a/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
+++ b/linux_os/guide/system/software/disk_partitioning/partition_for_var_log_audit/rule.yml
@@ -20,6 +20,7 @@ severity: low
identifiers:
cce@rhel6: 26436-6
cce@rhel7: 26971-2
+ cce@rhel8: 80854-3
references:
stigid@rhel6: RHEL-06-000004
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml
index 2d1da022b..778a24ea4 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/dconf_gnome_login_retries/rule.yml
@@ -29,6 +29,7 @@ severity: medium
identifiers:
cce@rhel7: 80109-2
+ cce@rhel8: 80771-9
references:
cui: 3.1.8
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
index 87f9f2761..e81d27462 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_automatic_login/rule.yml
@@ -21,6 +21,7 @@ severity: high
identifiers:
cce@rhel7: 80104-3
+ cce@rhel8: 80823-8
references:
cui: 3.1.1
diff --git a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml
index ab604a3ce..1aff4a69c 100644
--- a/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_login_screen/gnome_gdm_disable_guest_login/rule.yml
@@ -21,6 +21,7 @@ severity: high
identifiers:
cce@rhel7: 80105-0
+ cce@rhel8: 80824-6
references:
cui: 3.1.1
diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml
index 9c7307c9d..34e7c928d 100644
--- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_credential_prompt/rule.yml
@@ -26,6 +26,7 @@ severity: medium
identifiers:
cce@rhel7: 80120-9
+ cce@rhel8: 80772-7
references:
cui: 3.1.12
diff --git a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml
index 464ffbc25..3f745a337 100644
--- a/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_remote_access_settings/dconf_gnome_remote_access_encryption/rule.yml
@@ -26,6 +26,7 @@ severity: medium
identifiers:
cce@rhel7: 80121-7
+ cce@rhel8: 80773-5
references:
cui: 3.1.13
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml
index 74d45ef1f..8b84a0a58 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_activation_enabled/rule.yml
@@ -33,6 +33,7 @@ severity: medium
identifiers:
cce@rhel7: 80111-8
+ cce@rhel8: 80774-3
references:
cjis: 5.5.5
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
index c9d1904b8..f4413f4d9 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_idle_delay/rule.yml
@@ -30,6 +30,7 @@ severity: medium
identifiers:
cce@rhel7: 80110-0
+ cce@rhel8: 80775-0
references:
cjis: 5.5.5
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
index b02c31ad8..017276291 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_delay/rule.yml
@@ -25,6 +25,7 @@ severity: medium
identifiers:
cce@rhel7: 80370-0
+ cce@rhel8: 80776-8
references:
cui: 3.1.10
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
index ef18cc148..8fe55d62a 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_lock_enabled/rule.yml
@@ -25,6 +25,7 @@ severity: medium
identifiers:
cce@rhel7: 80112-6
+ cce@rhel8: 80777-6
references:
cjis: 5.5.5
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
index 877f7cda3..3756d50c4 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_mode_blank/rule.yml
@@ -21,10 +21,11 @@ rationale: |-
Setting the screensaver mode to blank-only conceals the
contents of the display from passersby.
-severity: unknown
+severity: medium
identifiers:
cce@rhel7: 80113-4
+ cce@rhel8: 80778-4
references:
cjis: 5.5.5
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml
index d4d208396..dc4a4f3e1 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_info/rule.yml
@@ -23,10 +23,11 @@ rationale: |-
Setting the splash screen to not reveal the logged in user's name
conceals who has access to the system from passersby.
-severity: unknown
+severity: medium
identifiers:
cce@rhel7: 80114-2
+ cce@rhel8: 80779-2
references:
ospp@rhel7: FMT_MOF_EXT.1
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
index 2b18ea574..997ade6e0 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_screensaver_user_locks/rule.yml
@@ -23,6 +23,7 @@ severity: medium
identifiers:
cce@rhel7: 80371-8
+ cce@rhel8: 80780-0
references:
cui: 3.1.10
diff --git a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
index 57520d1fc..9766b4dba 100644
--- a/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_screen_locking/dconf_gnome_session_idle_user_locks/rule.yml
@@ -23,6 +23,7 @@ severity: medium
identifiers:
cce@rhel7: 80544-0
+ cce@rhel8: 80781-8
references:
cui: 3.1.10
diff --git a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml
index 18000ef80..c26524d6e 100644
--- a/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml
+++ b/linux_os/guide/system/software/gnome/gnome_system_settings/dconf_gnome_disable_user_admin/rule.yml
@@ -30,6 +30,7 @@ severity: high
identifiers:
cce@rhel7: 80115-9
+ cce@rhel8: 80769-3
references:
cui: 3.1.5
diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml
index ffdc4825d..985190bda 100644
--- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml
+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_FIPS_certified/rule.yml
@@ -32,6 +32,9 @@ warnings:
severity: high
+identifiers:
+ cce@rhel8: 80830-3
+
ocil_clause: 'the installed operating system is not FIPS 140-2 certified'
{{% if product in ["rhel6", "rhel7"] %}}
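Review bot: The new `cce@rhel8` identifier sits directly above a template guard, `{{% if product in ["rhel6", "rhel7"] %}}`, that does not list rhel8. Check what that conditional wraps: if it is the check text or a certificate reference, a RHEL 8 build will skip it, and the rule would carry a RHEL 8 CCE without matching RHEL 8 content. If so, extend the guard or add a rhel8 branch in this change.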
diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
index 6c5afede5..ee41e99d6 100644
--- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
+++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml
@@ -27,6 +27,9 @@ warnings:
severity: high
+identifiers:
+ cce@rhel8: 80947-5
+
references:
disa: "366"
nist: SI-2(c)
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
index b719be52b..eb383a67c 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/rule.yml
@@ -19,7 +19,10 @@ rationale: |-
Overriding the system crypto policy makes the behavior of the BIND service violate expectations,
and makes system configuration more fragmented.
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80934-3
ocil_clause: |-
BIND is installed and the BIND config file doesn't contain the
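Review bot: The `severity: unknown` to `severity: medium` change is a policy decision riding along with an identifier assignment, and the patch gives no basis for the value. The five per-service crypto policy rules (BIND, Kerberos, Libreswan, OpenSSL, SSH) all become medium while configure_crypto_policy stays at high, even though each rationale says the service override undermines the system-wide policy. Say why these rate lower, or split the severity changes into their own commit so they can be reviewed separately from the CCE assignments.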
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
index d0a9eef19..bb4896053 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_crypto_policy/rule.yml
@@ -16,6 +16,9 @@ rationale: |-
severity: high
+identifiers:
+ cce@rhel8: 80935-0
+
ocil_clause: 'cryptographic policy is not configured or is configured incorrectly'
ocil: |-
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
index 54cc5fc1a..cb961e028 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_kerberos_crypto_policy/rule.yml
@@ -16,7 +16,10 @@ rationale: |-
Overriding the system crypto policy makes the behavior of Kerberos violate expectations,
and makes system configuration more fragmented.
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80936-8
ocil_clause: 'the symlink does not exist or points to a different target'
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
index 0fdb73a80..8f55ab7ce 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/rule.yml
@@ -20,7 +20,10 @@ rationale: |-
service violate expectations, and makes system configuration more
fragmented.
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80937-6
ocil_clause: |-
Libreswan is installed and /etc/ipsec.conf does not contain include /etc/crypto-policies/back-ends/libreswan.config
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
index 6466fea2a..ee680bb1b 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_openssl_crypto_policy/rule.yml
@@ -17,7 +17,10 @@ rationale: |-
Overriding the system crypto policy makes the behavior of the Java runtime violates expectations,
and makes system configuration more fragmented.
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80938-4
ocil_clause: |-
the OpenSSL config file doesn't contain the whole section,
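Review bot: The rationale kept as context in this hunk is a copy-paste from another rule: it says overriding the policy makes "the behavior of the Java runtime violates expectations", but this file is configure_openssl_crypto_policy. Since the file is being edited anyway, correct it to name OpenSSL and fix "violates" to "violate", so the text that ends up in the generated guide names the right component.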
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
index 0267e8b3f..454805772 100644
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
@@ -16,7 +16,10 @@ rationale: |-
Overriding the system crypto policy makes the behavior of the SSH service violate expectations,
and makes system configuration more fragmented.
-severity: unknown
+severity: medium
+
+identifiers:
+ cce@rhel8: 80939-2
ocil_clause: 'the CRYPTO_POLICY variable is not set or is commented in the /etc/sysconfig/sshd'
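Review bot: The ocil_clause shown as context, 'the CRYPTO_POLICY variable is not set or is commented in the /etc/sysconfig/sshd', is the failing condition, yet the rationale just above says the problem is overriding the system policy. Please confirm which state of CRYPTO_POLICY in /etc/sysconfig/sshd is the non-compliant one before a RHEL 8 CCE is attached to this text. If setting the variable is what overrides the policy, the clause is inverted and an assessor following it would fail compliant hosts.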
diff --git a/linux_os/guide/system/software/integrity/disable_prelink/rule.yml b/linux_os/guide/system/software/integrity/disable_prelink/rule.yml
index 1ce54c535..592383d73 100644
--- a/linux_os/guide/system/software/integrity/disable_prelink/rule.yml
+++ b/linux_os/guide/system/software/integrity/disable_prelink/rule.yml
@@ -14,11 +14,12 @@ rationale: |-
Because the prelinking feature changes binaries, it can interfere with the
operation of certain software and/or modes such as AIDE, FIPS, etc.
-severity: unknown
+severity: medium
identifiers:
cce@rhel6: 27221-1
cce@rhel7: 27078-5
+ cce@rhel8: 80787-5
references:
cis: 1.5.4
diff --git a/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml b/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml
index d5c2165a6..5b835b59c 100644
--- a/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml
+++ b/linux_os/guide/system/software/integrity/endpoint_security_software/install_hids/rule.yml
@@ -23,6 +23,7 @@ severity: high
identifiers:
cce@rhel6: 27409-2
cce@rhel7: 26818-5
+ cce@rhel8: 80831-1
references:
disa: "1263"
diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
index 72db413df..e540db94b 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/rule.yml
@@ -26,6 +26,9 @@ rationale: |-
severity: high
+identifiers:
+ cce@rhel8: 80942-6
+
ocil_clause: 'FIPS mode is not enabled'
ocil: |-
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
index 07e739273..470b33b93 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_build_database/rule.yml
@@ -23,6 +23,7 @@ severity: medium
identifiers:
cce@rhel6: 27135-3
cce@rhel7: 27220-3
+ cce@rhel8: 80675-2
references:
disa@rhel6: 374,416,1069,1263,1297,1589
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
index 9728144f8..9beef8e72 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/rule.yml
@@ -34,6 +34,7 @@ severity: medium
identifiers:
cce@rhel6: 27222-9
cce@rhel7: 26952-2
+ cce@rhel8: 80676-0
references:
disa@rhel6: 374,416,1069,1263,1297,1589
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
index a5e1fee18..0f2f9380c 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/package_aide_installed/rule.yml
@@ -14,6 +14,7 @@ severity: medium
identifiers:
cce@rhel6: 27024-9
cce@rhel7: 27096-7
+ cce@rhel8: 80844-4
references:
disa@rhel6: "1069"
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
index 8d3d7c215..ddb985aa7 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_hashes/rule.yml
@@ -36,6 +36,7 @@ severity: high
identifiers:
cce@rhel6: 7223-7
cce@rhel7: 27157-7
+ cce@rhel8: 80857-6
references:
disa@rhel6: "1496"
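Review bot: The neighbouring context line `cce@rhel6: 7223-7` has a four-digit body, whereas every other CCE in this patch, including the `80857-6` added here, has five. It looks like a dropped leading digit in the existing data. This change does not introduce it, but since the identifiers block is being touched, verify the RHEL 6 value against the CCE list and fix it here or in a follow-up.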
diff --git a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml
index 56ffd9031..3b4776b89 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml
+++ b/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/rule.yml
@@ -32,6 +32,7 @@ severity: high
identifiers:
cce@rhel6: 26731-0
cce@rhel7: 27209-6
+ cce@rhel8: 80858-4
references:
disa@rhel6: 1493,1495
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
index a91f459dc..4c8f19c15 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_globally_activated/rule.yml
@@ -19,6 +19,7 @@ severity: high
identifiers:
cce@rhel6: 26709-6
cce@rhel7: 26989-4
+ cce@rhel8: 80790-9
references:
stigid@rhel6: RHEL-06-000013
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
index 5d75a5176..2bd00ac31 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_local_packages/rule.yml
@@ -21,6 +21,7 @@ severity: high
identifiers:
cce@rhel7: 80347-8
+ cce@rhel8: 80791-7
references:
cui: 3.4.8
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
index 116714329..eaa23329c 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_never_disabled/rule.yml
@@ -16,6 +16,7 @@ severity: high
identifiers:
cce@rhel6: 26647-8
cce@rhel7: 26876-3
+ cce@rhel8: 80792-5
references:
stigid@rhel6: RHEL-06-000015
diff --git a/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml b/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml
index 3802033ca..3200ca2d5 100644
--- a/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_gpgcheck_repo_metadata/rule.yml
@@ -33,6 +33,7 @@ severity: high
identifiers:
cce@rhel7: 80348-6
+ cce@rhel8: 80793-3
references:
disa: "1749"
diff --git a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
index 18e02598c..4ae24efaf 100644
--- a/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
+++ b/linux_os/guide/system/software/updating/ensure_redhat_gpgkey_installed/rule.yml
@@ -13,6 +13,7 @@ severity: high
identifiers:
cce@rhel6: 26506-6
cce@rhel7: 26957-1
+ cce@rhel8: 80795-8
references:
stigid@rhel6: RHEL-06-000008
diff --git a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
index b2fa742ab..06d554115 100644
--- a/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
+++ b/linux_os/guide/system/software/updating/security_patches_up_to_date/rule.yml
@@ -34,6 +34,7 @@ severity: high
identifiers:
cce@rhel6: 27635-2
cce@rhel7: 26895-3
+ cce@rhel8: 80865-9
references:
stigid@rhel6: RHEL-06-000011