An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.04.2-01be-daa4
Open sidebar
Navigate
Top
Search
Checks (
236
)
Print
Changes
Pages (
3/16
)
RHEL 7 STIG
Red Hat Enterprise Linux 7 Security Technical Implementation Guide
v3 r15 (Released July 24, 2024)
v3 r14 (Released Jan. 24, 2024)
v3 r13 (Released Oct. 25, 2023)
v3 r12 (Released July 26, 2023)
v3 r11 (Released April 27, 2023)
v3 r10 (Released Jan. 26, 2023)
v3 r9 (Released Oct. 26, 2022)
v3 r8 (Released July 27, 2022)
v3 r7 (Released April 27, 2022)
v3 r6 (Released Jan. 27, 2022)
v3 r5 (Released Oct. 27, 2021)
v3 r4 (Released July 23, 2021)
v3 r3 (Released April 23, 2021)
v3 r2 (Released Jan. 22, 2021)
v3 r1 (Released Oct. 23, 2020)
v2 r8 (Released July 24, 2020)
v2 r7 (Released April 24, 2020)
v3 r0.3 (Released March 31, 2020)
v2 r6 (Released Jan. 24, 2020)
v2 r5 (Released Oct. 25, 2019)
v2 r4 (Released July 26, 2019)
v2 r3 (Released April 26, 2019)
v2 r2 (Released Jan. 25, 2019)
v2 r1 (Released July 27, 2018)
v1 r4 (Released Jan. 26, 2018)
v1 r3 (Released Oct. 27, 2017)
v1 r2 (Released July 28, 2017)
v1 r1 (Released Feb. 27, 2017)
ID
Vuln ID
Title
Cat
Status
RHEL-07-010260
V-204421
The Red Hat Enterprise Linux operating system must be configured so that existing passwords are restricted to a 60-day maximum lifetime.
Cat II
RHEL-07-010270
V-204422
The Red Hat Enterprise Linux operating system must be configured so that passwords are prohibited from reuse for a minimum of five generations.
Cat II
RHEL-07-010280
V-204423
The Red Hat Enterprise Linux operating system must be configured so that passwords are a minimum of 15 characters in length.
Cat II
RHEL-07-010290
V-204424
The Red Hat Enterprise Linux operating system must not allow accounts configured with blank or null passwords.
Cat I
RHEL-07-010291
V-251702
The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords.
Cat I
RHEL-07-010300
V-204425
The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using an empty password.
Cat I
RHEL-07-010310
V-204426
The Red Hat Enterprise Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires.
Cat II
RHEL-07-010320
V-204427
The Red Hat Enterprise Linux operating system must be configured to lock accounts for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframe.
Cat II
RHEL-07-010330
V-204428
The Red Hat Enterprise Linux operating system must lock the associated account after three unsuccessful root logon attempts are made within a 15-minute period.
Cat II
RHEL-07-010339
V-251703
The Red Hat Enterprise Linux operating system must specify the default "include" directory for the /etc/sudoers file.
Cat II
RHEL-07-010340
V-204429
The Red Hat Enterprise Linux operating system must be configured so that users must provide a password for privilege escalation.
Cat II
RHEL-07-010341
V-237633
The Red Hat Enterprise Linux operating system must restrict privilege elevation to authorized personnel.
Cat II
RHEL-07-010342
V-237634
The Red Hat Enterprise Linux operating system must use the invoking user's password for privilege escalation when using "sudo".
Cat II
RHEL-07-010343
V-237635
The Red Hat Enterprise Linux operating system must require re-authentication when using the "sudo" command.
Cat II
RHEL-07-010344
V-251704
The Red Hat Enterprise Linux operating system must not be configured to bypass password requirements for privilege escalation.
Cat II
Prev
1
2
3
4
5
6
7
...16
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.