Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-761 | GEN000300 | SV-27064r1_rule | IAIA-1 IAIA-2 | Medium |
Description |
---|
A unique user name is the first part of the identification and authentication process. If user names are not unique, there can be no accountability on the system for auditing purposes. Multiple accounts sharing the same name could result in the Denial of Service to one or both of the accounts or unauthorized access to files or privileges. |
STIG | Date |
---|---|
Draft AIX Security Technical Implementation Guide | 2011-08-17 |
Check Text ( C-27980r1_chk ) |
---|
Perform the following to ensure there are no duplicate account names: # usrck -n ALL If any duplicate account names are found, this is a finding. |
Fix Text (F-24342r1_fix) |
---|
Change user account names, or delete accounts, so each account has a unique name. |