UCF STIG Viewer Logo

The IAO will ensure the system and installed applications have current patches, security updates, and configuration settings.


Overview

Finding ID Version Rule ID IA Controls Severity
V-16836 APP6050 SV-17836r1_rule DCCT-1 Medium
Description
Due to viruses, worms, Trojans, and other malicious software, in addition to inevitable weaknesses in code, the necessity to patch critical vulnerabilities is paramount. As part of the general practice of performing application or system administration, it is imperative that security vulnerabilities from the vendor are monitored and patches are tested and applied.
STIG Date
Application Security and Development Checklist 2014-12-22

Details

Check Text ( C-17842r1_chk )
Ask the application representative to review the Configuration Management Plan. Ensure procedures exist addressing the test and implementation process for all patches, upgrades, and application deployments. Verify all IPv6 applicable patches have been applied. Verify all vendor provided IPv6 related patches been installed.

1) If required patches are missing, it is a finding.

2) If procedures do not exist or are deficient, it is a finding.
Fix Text (F-17154r1_fix)
Install current patches and update configurations.