Hello guys, my 1st discussion here
The company that I work for uses Rapid7 to scan vulnerabilities through devices.
The report is saying that a specific one is found at my ACI nodes (Apics, Spines and Leaves)
That's the vulnerability description:
"lilo-linux-single-user-mode"
That's the details:
"Refer to this documentation (https://access.redhat.com/solutions/1987833 ) from RedHat for exact details on enabling authorization for single user mode in RHEL7."
I know that the Apic software is RHEL/CentOS based, so I've checked at RedHat page trying to understand the issue:
https://access.redhat.com/solutions/1987833
"How to password-protect single user mode in RHEL 7 with /etc/inittab
Environment
- Red Hat Enterprise Linux 7
Issue
- How to password-protect single user mode in RHEL7?
- How to enforce a password for the single user mode?
- How to prevent user from getting into single-user mode or runlevel 1 without a password?
- How to set the ":S:wait:/sbin/sulogin" in RHEL7?
Resolution
- RHEL 7 single user mode is password protected by the root password by default as part of the design of grub2 and systemd
- /etc/inittab is no longer in use with systemd
- Set up a different password for grub2 than the standard root password
But we don't have access (and I understand why) to change this at APIC or the other nodes.
Does anyone know if there is any caveat or workaround over this issue?
ACI Version is 3.2.9h