UCF STIG Viewer Logo

The WebSphere Liberty Server must install security-relevant software updates within the time period directed by an authoritative source.


Overview

Finding ID Version Rule ID IA Controls Severity
V-250349 IBMW-LS-001170 SV-250349r795100_rule Medium
Description
Security vulnerabilities are often addressed by testing and applying the latest security patches and fix packs. The latest fixpacks can be found at: http://www-01.ibm.com/support/docview.wss?uid=swg27009661
STIG Date
IBM WebSphere Liberty Server Security Technical Implementation Guide 2021-08-30

Details

Check Text ( C-53784r795098_chk )
Use the "productInfo(.bat/.sh) version" command to determine the WebSphere version. Review the patch level and fix pack.

Review the latest fixpacks at: http://www-01.ibm.com/support/docview.wss?uid=swg27009661 and determine if the system is operating at the latest patch level.

If the most recent patches/fix packs have not been applied, this is a finding.
Fix Text (F-53738r795099_fix)
Obtain WebSphere Liberty product security and patch support at http://www-01.ibm.com/support/docview.wss?uid=swg27009661.

Run the productInfo validate command to validate the MD5 checksum file for server installation and each feature.

If a feature is not valid, the command outputs an error and lists the manifest file for the affected feature. The following example validates the features for the current installation and outputs the results to the validate.txt file:

productInfo validate --output=/tmp/validate.txt