From 01397cbe2a62303ef001ab5e5821ffafd6929e41 Mon Sep 17 00:00:00 2001 From: Alex Haydock Date: Fri, 6 Aug 2021 16:46:22 +0100 Subject: [PATCH] Update CCEs and identifiers on rules that make up RHEL 8 CIS 4.1.15 --- .../audit_rules_privileged_commands_insmod/rule.yml | 2 ++ .../audit_rules_privileged_commands_modprobe/rule.yml | 2 ++ .../audit_rules_privileged_commands_rmmod/rule.yml | 2 ++ shared/references/cce-redhat-avail.txt | 3 --- 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/rule.yml index 5c3a99447c..a4ecb0d1e0 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/rule.yml @@ -28,10 +28,12 @@ severity: medium identifiers: cce@rhel7: CCE-85851-4 + cce@rhel8: CCE-85919-9 cce@sle15: CCE-85744-1 references: cis@rhel7: 4.1.16 + cis@rhel8: 4.1.15 cis@ubuntu2004: 4.1.16 disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 nist: AU-12(c),AU-12.1(iv),AU-3,AU-3.1,AU-12(a),AU-12.1(ii),MA-4(1)(a) diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml index 5e03dde851..f70c537064 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml @@ -32,10 +32,12 @@ severity: medium identifiers: cce@rhel7: CCE-85853-0 + cce@rhel8: CCE-85973-6 cce@sle15: CCE-85731-8 references: cis@rhel7: 4.1.16 + cis@rhel8: 4.1.15 cis@ubuntu2004: 4.1.16 disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 nist: AU-12(a),AU-12.1(ii),AU-3,AU-3.1,AU-12(c),AU-12.1(iv),MA-4(1)(a) diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/rule.yml b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/rule.yml index 1535041672..113c8fc4bc 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/rule.yml +++ b/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/rule.yml @@ -28,10 +28,12 @@ severity: medium identifiers: cce@rhel7: CCE-85852-2 + cce@rhel8: CCE-86017-1 cce@sle15: CCE-85732-6 references: cis@rhel7: 4.1.16 + cis@rhel8: 4.1.15 cis@ubuntu2004: 4.1.16 disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884 nist@sle15: AU-12(c),AU-12.1(iv),AU-3,AU-3.1,AU-12(a),AU-12.1(ii),MA-4(1)(a) diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt index 001262c6ee..aaa631515b 100644 --- a/shared/references/cce-redhat-avail.txt +++ b/shared/references/cce-redhat-avail.txt @@ -49,7 +49,6 @@ CCE-85915-7 CCE-85916-5 CCE-85917-3 CCE-85918-1 -CCE-85919-9 CCE-85920-7 CCE-85921-5 CCE-85922-3 @@ -100,7 +99,6 @@ CCE-85968-6 CCE-85969-4 CCE-85970-2 CCE-85972-8 -CCE-85973-6 CCE-85974-4 CCE-85975-1 CCE-85976-9 @@ -143,7 +141,6 @@ CCE-86013-0 CCE-86014-8 CCE-86015-5 CCE-86016-3 -CCE-86017-1 CCE-86018-9 CCE-86019-7 CCE-86020-5