1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
documentation_complete: true
title: 'The Chrony package is installed'
description: |-
System time should be synchronized between all systems in an environment. This is
typically done by establishing an authoritative time server or set of servers and having all
systems synchronize their clocks to them.
{{{ describe_package_install(package="chrony") }}}
rationale: |-
Time synchronization is important to support time sensitive security mechanisms like
Kerberos and also ensures log files have consistent time records across the enterprise,
which aids in forensic investigations.
severity: medium
platform: machine
identifiers:
cce@rhel7: CCE-83419-2
cce@rhel8: CCE-82874-9
cce@rhel9: CCE-84215-3
cce@sle12: CCE-91594-2
cce@sle15: CCE-91229-5
references:
anssi: BP28(R43)
cis@alinux3: 2.2.1.1
cis@rhel7: 2.2.1.1
cis@rhel8: 2.1.1
cis@sle12: 2.2.1.1
cis@sle15: 2.2.1.1
cis@ubuntu2004: 2.2.1.1
cis@ubuntu2204: 2.2.1.1
ism: 0988,1405
ospp: FMT_SMF_EXT.1
pcidss: Req-10.6.1
srg: SRG-OS-000355-GPOS-00143
stigid@ubuntu2004: UBTU-20-010435
ocil_clause: 'the package is not installed'
ocil: '{{{ ocil_package(package="chrony") }}}'
fixtext: '{{{ describe_package_install(package="chrony") }}}'
srg_requirement: '{{{ srg_requirement_package_installed("chrony") }}}'
template:
name: package_installed
vars:
pkgname: chrony
|
