{"description": "The telnet client allows users to start connections to other systems via\nthe telnet protocol.", "rationale": "The <tt>telnet</tt> protocol is insecure and unencrypted. The use\nof an unencrypted transmission medium could allow an unauthorized user\nto steal credentials. The <tt>ssh</tt> package provides an\nencrypted session and stronger security and is included in Ubuntu 22.04.", "severity": "low", "references": {"cui": ["3.1.13"], "hipaa": ["164.308(a)(4)(i)", "164.308(b)(1)", "164.308(b)(3)", "164.310(b)", "164.312(e)(1)", "164.312(e)(2)(ii)"], "iso27001-2013": ["A.8.2.3", "A.13.1.1", "A.13.2.1", "A.13.2.3", "A.14.1.2", "A.14.1.3"], "anssi": ["R62"], "cis": ["2.2.4"], "ism": ["1409"], "pcidss4": ["2.2.4", "2.2"]}, "control_references": {"anssi": ["R62"], "cis": ["2.2.4"], "ism": ["1409"], "pcidss4": ["2.2.4", "2.2"]}, "components": [], "identifiers": {}, "ocil_clause": null, "ocil": "The <code>telnet</code> package can be removed with the following command: <pre> $ apt-get remove telnet</pre>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Remove telnet Clients", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/obsolete/telnet/package_telnet_removed/rule.yml", "template": {"name": "package_removed", "vars": {"pkgname": "telnet"}, "backends": {}}}