Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-242634 | CSCO-NM-000280 | SV-242634r714212_rule | Medium |
Description |
---|
Network devices running an unsupported operating system lack current security fixes required to mitigate the risks associated with recent vulnerabilities. The recommended best practice is for the organization to implement a patch management process for Junos OS. The process should involve testing and verification of the authenticity of vendor-provided updated. These files are then placed into a repository which is protected by access, confidentiality, and integrity control. System administrators can then initiate firmware/software updates by pointing the device to this repository. There is no need for the device to perform additional certificate verification. |
STIG | Date |
---|---|
Cisco ISE NDM Security Technical Implementation Guide | 2021-09-27 |
Check Text ( C-45909r714210_chk ) |
---|
To display information about the software version, type the following at the CLI: show version View details about the installed version of Cisco ADE-OS software running in the Cisco ISE server and also the Cisco ISE version. If the Cisco ISE is not running an operating system release that is currently supported by the vendor, this is a finding. |
Fix Text (F-45866r714211_fix) |
---|
Install the latest approved update of the CISCO ADE-OS software. 1. Click the "Upgrade" tab in the Admin portal. 2. Click "Proceed". The Review Checklist window appears. Read the instructions carefully. 3. Check the "I have reviewed the checklist" check box, and click "Continue". |