4.2 Review security rule exemptions

Information

LBAC rule exemptions provide very powerful access. Do not grant them without careful consideration. It is recommended that all security rule exemptions be reviewed against the users who hold them and the access those users actually require.

An LBAC rule exemption means that a particular rule within a particular security policy is not enforced when the holder accesses data protected by that security policy.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Review all users that have LBAC rule exemptions and confirm that each one is justified by the needs of the business.
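One way to produce the list for this review, as an added example that is not part of the benchmark text: it assumes an IBM Db2 LUW database and its catalog views SYSCAT.SECURITYPOLICYEXEMPTIONS and SYSCAT.SECURITYPOLICIES. The policy and user names in the commented REVOKE template are hypothetical placeholders.

```sql
-- Added example; assumes IBM Db2 LUW catalog views and column names.
-- Lists every LBAC rule exemption with the policy it weakens, who holds it,
-- and who granted it, so each row can be checked against a business need.
SELECT e.GRANTEE,
       CASE e.GRANTEETYPE
            WHEN 'U' THEN 'USER'
            WHEN 'G' THEN 'GROUP'
            WHEN 'R' THEN 'ROLE'
            ELSE e.GRANTEETYPE          -- keep any other code as stored
       END                AS GRANTEE_KIND,
       p.SECPOLICYNAME,
       e.ACCESSRULENAME,                -- e.g. DB2LBACREADARRAY
       CASE e.ACCESSTYPE
            WHEN 'R' THEN 'READ'
            WHEN 'W' THEN 'WRITE'
            ELSE e.ACCESSTYPE
       END                AS ACCESS_KIND,
       e.GRANTOR
FROM   SYSCAT.SECURITYPOLICYEXEMPTIONS e
JOIN   SYSCAT.SECURITYPOLICIES p
       ON p.SECPOLICYID = e.SECPOLICYID
ORDER  BY e.GRANTEE, p.SECPOLICYNAME, e.ACCESSRULENAME;

-- Grantees holding the most exemptions per policy are the first to question.
SELECT e.GRANTEE,
       p.SECPOLICYNAME,
       COUNT(*) AS EXEMPTION_COUNT
FROM   SYSCAT.SECURITYPOLICYEXEMPTIONS e
JOIN   SYSCAT.SECURITYPOLICIES p
       ON p.SECPOLICYID = e.SECPOLICYID
GROUP  BY e.GRANTEE, p.SECPOLICYNAME
ORDER  BY EXEMPTION_COUNT DESC, e.GRANTEE;

-- Template for removing an exemption that fails the review.
-- EXAMPLE_POLICY and EXAMPLE_USER are hypothetical placeholders.
-- REVOKE EXEMPTION ON RULE DB2LBACREADARRAY
--        FOR EXAMPLE_POLICY FROM USER EXAMPLE_USER;
```

An empty result from the first query means no exemptions are currently granted in the database.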

See Also

https://workbench.cisecurity.org/files/1654