Unified Capabilities (UC) soft client patches and upgrades must be tested and approved prior to implementation.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-16108 | VVoIP 1130 | SV-17096r2_rule | Medium |
| Description |
|---|
| It is important that UC soft clients be tested and subsequently certified and accredited for IA purposes, to include upgrades or patches. Applications that have not been sufficiently vetted may introduce malware to the network or have security issues an adversary may manipulate. |
| STIG | Date |
|---|---|
| Voice Video Services Policy Security Technical Implementation Guide | 2019-09-27 |
Details
| Check Text ( C-17221r2_chk ) |
|---|
| Review the site documentation to confirm the UC soft client patches and upgrades are tested and approved prior to implementation. If the UC soft client patches and upgrades are not tested and approved prior to implementation, this is a finding. |
| Fix Text (F-16214r2_fix) |
|---|
| Ensure UC soft client patches and upgrades are tested and approved prior to implementation. |