UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Mainframe Product must remove all upgraded/replaced software components that are no longer required for operation after updated versions have been installed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-68483 SRG-APP-000454-MFP-000343 SV-82973r1_rule Medium
Description
Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.
STIG Date
Mainframe Product Security Requirements Guide 2019-12-12

Details

Check Text ( C-69015r1_chk )
Examine inventory of installed software components for the Mainframe Product.

If the Mainframe Product does not remove all upgraded/replaced software components that are no longer required for operation, this is a finding.
Fix Text (F-74599r1_fix)
Configure the Mainframe Product to remove all upgraded/replaced software components that are no longer required for operation.