| V-14021 ||High ||Only the BlackBerry Enterprise Server (BES) email solution is used. || If the required BlackBerry system is not used, DoD networks are at risk of being penetrated or DoD data could be exposed. |
| V-11870 ||High ||Onset Technologies METAmessage software must not be installed on DoD BlackBerry devices or on the BES.
||Onset Technologies METAmessage software is production software which may introduce a virus or other malicious code on the system. This software is not approved for use on DoD systems. |
| V-19191 ||High ||Required version of the BlackBerry Enterprise Server (BES) must be installed. ||Earlier versions of the BES have security vulnerabilities. CYBERCOM IAVA directs all DoD installations upgrade to required version due to RIM ending support for version 4.1.6 and 4.1.7 as of 2 July 2011. |
| V-14199 ||Medium ||The host server where the BlackBerry Enterprise Server (BES) is installed must be hardened in accordance with the appropriate SQL, Apache Web Server, and IIS STIGs when required. ||Wireless email services are installed on a Windows Server. The server must be compliant with the Windows STIG, SQL STIG, Apache Web Server STIG, and IIS STIG to ensure the system is not vulnerable... |