Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Mainframe Product must remove all upgraded/replaced software components that are no longer required for operation after updated versions have been installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-68483 | SRG-APP-000454-MFP-000343 | SV-82973r1_rule | Medium |
| Description |
|---|
| Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system. |
| STIG | Date |
|---|---|
| Mainframe Product Security Requirements Guide | 2019-12-12 |
Details
| Check Text ( C-69015r1_chk ) |
|---|
| Examine inventory of installed software components for the Mainframe Product. If the Mainframe Product does not remove all upgraded/replaced software components that are no longer required for operation, this is a finding. |
| Fix Text (F-74599r1_fix) |
|---|
| Configure the Mainframe Product to remove all upgraded/replaced software components that are no longer required for operation. |