vulnerability
Scanning Diagnostics: SSH credential is configured to elevate to a non-root user
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 1 | (AV:L/AC:H/Au:M/C:N/I:N/A:N) | 11/02/2021 | 11/02/2021 | 11/02/2021 |
Severity
1
CVSS
(AV:L/AC:H/Au:M/C:N/I:N/A:N)
Published
11/02/2021
Added
11/02/2021
Modified
11/02/2021
Description
The following information is for Scan Diagnostic purposes only, and is not indicative of a detected vulnerability.
SSH Credentials configured for privilege elevation should elevate to the user 'root'. Elevating to a non-root user may result in inaccurate vulnerability and policy assessment results.
Solution
rapid7-diagnostics-unix-privilege-elevation-root
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.