Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
HAProxy must have the latest approved security-relevant software updates installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-240091 | VRAU-HA-000480 | SV-240091r879827_rule | Medium |
| Description |
|---|
| All vRA components, to include Lighttpd, are under VMware configuration management control. The CM process ensures that all patches, functions, and modules have been thoroughly tested before being introduced into the production version. By using the most current version of Lighttpd, the Lighttpd server will always be using the most stable and known baseline. |
| STIG | Date |
|---|---|
| VMW vRealize Automation 7.x HA Proxy Security Technical Implementation Guide | 2023-09-12 |
Details
| Check Text ( C-43324r665440_chk ) |
|---|
| Interview the ISSO. Determine whether HAProxy has the latest approved security-relevant software updates and updates are installed within the identified time period. If the latest approved security-relevant software updates are not installed or installed within the identified time period, this is a finding. |
| Fix Text (F-43283r665441_fix) |
|---|
| Ensure HAProxy has the latest approved security-relevant software updates and the updates are installed within the identified time period. |