Navigate

Check: SRG-OS-000373-GPOS-00156

General Purpose Operating System SRG: SRG-OS-000373-GPOS-00156 (in versions v2 r7 through v1 r4)

Title

The operating system must require users to re-authenticate for privilege escalation. (Cat II impact)

Discussion

Without re-authentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to escalate a functional capability, it is critical the user re-authenticate.

Check Content

Verify the operating system requires users to re-authenticate for privilege escalation. If it does not, this is a finding.

Fix Text

Configure the operating system to require users to re-authenticate for privilege escalation.

Additional Identifiers

Rule ID: SV-203723r851794_rule

Vulnerability ID: V-203723

Group Title: SRG-OS-000373

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-002038	The organization requires users to reauthenticate upon organization-defined circumstances or situations requiring reauthentication.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
IA-11	Re-Authentication