UCF STIG Viewer Logo

Applications providing patch management capabilities must support the organizational requirements to install software updates automatically.


Overview

Finding ID Version Rule ID IA Controls Severity
V-35681 SRG-APP-000269-AS-NA SV-46968r1_rule Medium
Description
Security faults with software applications and operating systems are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (including any contractor to the organization) are required to promptly install security-relevant software updates (e.g., patches, service packs, and hot fixes). Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling must also be addressed expeditiously. The requirement is NA. The AS does not provide a patch management capability.
STIG Date
Application Server Security Requirements Guide 2013-01-08

Details

Check Text ( C-44023r1_chk )
This requirement is NA for the AS SRG.
Fix Text (F-40223r1_fix)
The requirement is NA. No fix is required.