Get Rule Info for Bundle Version
GET {{cb_url}}/compliance/assessment/api/v1/orgs/{{cb_org_key}}/bundles/{{cb_bundle_id}}/versions/{{cb_benchmark_bundle_version_id}}/rules/{{cb_benchmark_set_rule_id}}
Gets the Rule Info for the specified compliance bundle version
RBAC Permissions Required
Permission (.notation name) | Operation(s) |
---|---|
complianceAssessment.data | READ |
RESPONSES
status: OK
{"id":"004e9492-ba62-4a4c-a433-3dc44b96b074","rule_name":"(L1) Ensure 'Create a token object' is set to 'No One'","enabled":null,"section_id":"c9744adf-e7a0-43b4-97b8-64da8317ed2a","section_name":"User Rights Assignment","supported_os_info":[{"os_metadata_id":"1","os_type":"WINDOWS","os_name":"Windows Server 2012 x64","cis_version":"2.3.0"},{"os_metadata_id":"2","os_type":"WINDOWS","os_name":"Windows Server 2012 R2 x64","cis_version":"2.5.0"}],"description":"This policy setting allows a process to create an access token, which may provide elevated rights to access sensitive data.\n\nThe recommended state for this setting is: `No One`.\n\n**Note:** This user right is considered a \"sensitive privilege\" for the purposes of auditing.","rationale":"A user account that is given this user right has complete control over the system and can lead to the system being compromised. It is highly recommended that you do not assign any user accounts this right.\n\nThe operating system examines a user's access token to determine the level of the user's privileges. Access tokens are built when users log on to the local computer or connect to a remote computer over a network. When you revoke a privilege, the change is immediately recorded, but the change is not reflected in the user's access token until the next time the user logs on or connects. Users with the ability to create or modify tokens can change the level of access for any currently logged on account. They could escalate their own privileges or create a DoS condition.","impact":"None - this is the default behavior.","remediation":{"procedure":"To establish the recommended configuration via GP, set the following UI path to `No One`","steps":"\n\n ```\nComputer Configuration\\Policies\\Windows Settings\\Security Settings\\Local Policies\\User Rights Assignment\\Create a token object\n```"},"profile":["Level 1 Domain Controller","Level 1 Member Server"]}