Scan results for 22.06.197

OpenSCAP and vulnerability scan report:
  • Prisma Cloud Compute release: 22.06 Update1 (22.06.197)
  • Base image: registry.access.redhat.com/ubi8/ubi-minimal:8.5
  • Benchmark URL: scap-security-guide-0.1.62/ssg-rhel8-ds-1.2.xml
  • Benchmark ID: xccdf_org.ssgproject.content_benchmark_RHEL-8
  • Profile ID: xccdf_org.ssgproject.content_profile_stig
  • Compared to IronBank’s UBI8-minimal, Version 8.6, Build Date: 2022-08-01

twistlock/private:console_22_06_197

Findings for Prisma Cloud Compute Console.

OpenSCAP report

You can find the OpenSCAP report here
Rule_ID
Compute finding
IronBank finding
Justification
xccdf_org.ssgproject.content_rule_accounts_authorized_local_users
Fail
Pass
local accounts include: twistlock = non-root account for service, mongod = mongoDB database & saslauth = authentication libraries. Application is a non-interactive container. There is no interactive console session with the container.
oval:ssg-accounts_umask_etc_csh_cshrc:def:1
Fail
Pass
Umask 027. Application is a non-interactive container. There is no interactive console session with the container.
oval:ssg-accounts_umask_etc_profile:def:1
Fail
Pass
Umask 027. Application is a non-interactive container. There is no interactive console session with the container.
oval:ssg-accounts_umask_etc_bashrc:def:1
Fail
Pass
Umask 027. Application is a non-interactive container. There is no interactive console session with the container.

Vulnerabilities full report

You can find the full vulnerabilities report here.
No known vulnerabilities available at time of release

twistlock/private:defender_22_06_197

Findings for Prisma Cloud Compute Defender.

OpenSCAP report

You can find the OpenSCAP report here.
Rule_ID
Compute finding
IronBank finding
Justification
oval:ssg-accounts_umask_etc_csh_cshrc:def:1
Fail
Pass
Umask 027. Application is a non-interactive container. There is no interactive console session with the container.
oval:ssg-accounts_umask_etc_profile:def:1
Fail
Pass
Umask 027. Application is a non-interactive container. There is no interactive console session with the container.
oval:ssg-accounts_umask_etc_bashrc:def:1
Fail
Pass
Umask 027. Application is a non-interactive container. There is no interactive console session with the container.

Vulnerabilities full report

You can find the full vulnerabilities report here.
No patches for existing vulnerabilities available at time of release

Recommended For You