Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
SRG-OS-99999-ESXI5-000149 | SRG-OS-99999-ESXI5-000149 | SRG-OS-99999-ESXI5-000149_rule | Medium |
Description |
---|
By staying up to date on ESXi patches, vulnerabilities in the hypervisor can be mitigated. An educated attacker can exploit known vulnerabilities when attempting to attain access or elevate privileges on an ESXi host. |
STIG | Date |
---|---|
VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Check Text ( C-SRG-OS-99999-ESXI5-000149_chk ) |
---|
Ask the SA if ESXi hosts are patched in accordance with site policies using the VMware Update Manager. If VUM is not used, ask the SA what method and organization-defined schedule is used to maintain host patch updates. If the host patching method and/or frequency cannot be determined, this is a finding. |
Fix Text (F-SRG-OS-99999-ESXI5-000149_fix) |
---|
Deploy VMware Update Manager or develop procedures to manually and/or automatically patch ESXi hosts on an organization-defined schedule. |