The /smit.log file maintains a history of all smit commands run as root. The /smit.log file may contain sensitive information regarding system configuration, which may be of interest to an attacker. This log file must be secured from unauthorized access and modifications.
Solution
Remove world read and write access to /smit.log : chmod o-rw /smit.log