Details of the Vulnerability
THREAT:
The user (local service account) has a blank password in the shadow file, which allows anyone to connect to the system as that user without entering a password.
IMPACT:
An attacker may connect to the system by knowing just the username.
SOLUTION:
Set a password for the user (local service account). (Many companies' security policies do not allow a password for this user.)
If the application users still need access without a password, the password should be locked instead, i.e. lock the passwordless local service account. Setting a password for a local service account is against many companies' security policies.
This is easily fixed. All you need is "passwd -l user(local service account)", which changes the entry for the user (local service account) in /etc/shadow
From blank password:
user(local service account)::16555:0:99999:7:::
To locked state:
user(local service account):!!:16555:0:99999:7:::
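
To find every account in this state before and after the fix, the second field of each shadow entry can be classified. The script below is an added example, not part of the original write-up; the account names and hash in the sample data are constructed, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: classify the password field (field 2) of shadow-format entries.
# Usage: audit_shadow [file]   (defaults to /etc/shadow, which needs root to read)
audit_shadow() {
    awk -F: '
        NF < 2 || /^#/ { next }                       # skip malformed lines and comments
        $2 == ""       { print "BLANK  " $1; next }   # empty field: no password required
        $2 ~ /^[!*]/   { print "LOCKED " $1; next }   # "!", "!!" or "*" prefix: no password can match
                       { print "SET    " $1 }         # anything else is treated as a hash
    ' "${1:-/etc/shadow}"
}

# Print only the accounts that accept a login with no password.
blank_accounts() {
    audit_shadow "$1" | awk '$1 == "BLANK" { print $2 }'
}

# Constructed sample data in the same layout as the entries shown above.
sample_shadow() {
    cat <<'EOF'
root:$6$constructedsalt$constructedhash:16555:0:99999:7:::
svcapp::16555:0:99999:7:::
svcbatch:!!:16555:0:99999:7:::
daemon:*:16555:0:99999:7:::
EOF
}

# Run the audit over the sample so the script shows output offline.
demo() {
    tmp=$(mktemp) || return 1
    sample_shadow > "$tmp"
    audit_shadow "$tmp"
    rm -f "$tmp"
}

demo
```

Run as root with no argument, audit_shadow reads /etc/shadow; an account reported as BLANK should be reported as LOCKED after "passwd -l" has been applied to it.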