Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19707 | APP3970 | SV-21848r1_rule | DCSQ-1 | Medium |
Description |
---|
If the application's supporting services (e.g., software update, security update, driver updating, and automatic patching services) have not been updated to retrieve updates over a IPv6 network connection, there is a possibility the application will not execute properly, and as a result, a denial of service could occur. |
STIG | Date |
---|---|
Application Security and Development Checklist | 2014-01-07 |
Check Text ( C-24104r1_chk ) |
---|
Ask the application representative for the design document. Review the design document for application services supporting IPv6. Verify supporting application layer services (such as, File Transfer Protocol (FTP), Network File system (NFS), Hyper Text Transfer Protocol (HTTP)) have been upgraded and tested for IPv6. 1) If the supporting application layer services have not been upgraded and tested for IPv6, it is a finding. Verify security functions have been updated for IPv6 addressing and network services. 2) If security functions have not been updated for IPv6 addressing and network services, it is a finding. Verify all software update, security update, driver updating, and automatic patching services which retrieve updates over a network connection have been updated to run over IPv6 transport. 3) If all software update, security update, driver updating, and automatic patching have not been updated to run over IPv6 transport, it is a finding. Verify all client-facing server interfaces have been upgraded for IPv6. 4) If all client-facing server interfaces have not been upgraded for IPv6, it is a finding. |
Fix Text (F-23064r1_fix) |
---|
Upgrade supporting application services and interfaces for IPv6 transport. |