Nutanix AOS must be running an operating system release that is currently supported by the vendor.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-254119	NUTX-AP-001080	SV-254119r1001000_rule		High

Description
Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (including any contractor to the organization) are required to promptly install security-relevant software updates (e.g., patches, service packs, and hot fixes) to production systems after thorough testing of the patches within a lab environment. Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling must also be addressed expeditiously.

Description

Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (including any contractor to the organization) are required to promptly install security-relevant software updates (e.g., patches, service packs, and hot fixes) to production systems after thorough testing of the patches within a lab environment. Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling must also be addressed expeditiously.

STIG	Date
Nutanix AOS 5.20.x Application Security Technical Implementation Guide	2024-06-18

Details

Check Text ( C-57604r1000998_chk )
Product version is end of life and no longer supported. If the system is running AOS version 5.20.x, this is a finding.

Fix Text (F-57555r1000999_fix)
Upgrade to a supported version.