The network element must be running a current and supported operating system with all IAVMs addressed.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-3160	NET0700	SV-3160r2_rule	ECSC-1	Medium

Description
Network devices not running the latest tested and approved versions of software are vulnerable to network attacks. Running the most current, approved version of system and device software helps the site maintain a stable base of security fixes and patches, as well as enhancements to IP security. Viruses, denial of service attacks, system weaknesses, back doors and other potentially harmful situations could render a system vulnerable, allowing unauthorized access to DoD assets.

Description

Network devices not running the latest tested and approved versions of software are vulnerable to network attacks. Running the most current, approved version of system and device software helps the site maintain a stable base of security fixes and patches, as well as enhancements to IP security. Viruses, denial of service attacks, system weaknesses, back doors and other potentially harmful situations could render a system vulnerable, allowing unauthorized access to DoD assets.

STIG	Date
IDS/IPS Security Technical Implementation Guide	2013-10-08

Details

Check Text ( C-3549r2_chk )
Have the administrator display the OS version in operation. The OS must be current with related IAVMs addressed.

Fix Text (F-3185r2_fix)
Update operating system and address all related IAVMs.