UCF STIG Viewer Logo

The network element must be running a current and supported operating system with all IAVMs addressed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3160 NET0700 SV-15303r2_rule Medium
Description
Network devices that are not running the latest tested and approved versions of software are vulnerable to network attacks. Running the most current, approved version of system and device software helps the site maintain a stable base of security fixes and patches, as well as enhancements to IP security. Viruses, denial of service attacks, system weaknesses, back doors and other potentially harmful situations could render a system vulnerable, allowing unauthorized access to DoD assets.
STIG Date
Perimeter Router Security Technical Implementation Guide Juniper 2018-11-28

Details

Check Text ( C-12698r2_chk )
In operational mode, have the router administrator execute the show version brief command to verify the installed JUNOS version. This command will show the base OS as well as the kernel, packet forwarding engine, routing, and crypto. Validate that all software components are at the required level.

J, M and T series should be 10.0 or later.

E series should be 10.2 or later

Verify that all IAVMs have been addressed.

Fix Text (F-3185r4_fix)
Update operating system to a supported version that addresses all related IAVMs.