CCI|CCI-002605

Title

The organization installs security-relevant software updates within an organization-defined time period of the release of the updates.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2013

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
AADC-CL-001075 - Unsupported versions of Adobe Acrobat Pro DC Classic must be uninstalled.	Windows	DISA STIG Adobe Acrobat Pro DC Classic Track v2r1
AADC-CN-001075 - The Adobe Acrobat Pro DC Continuous latest security-related software updates must be installed.	Windows	DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1
ADBP-XI-001075 - The Adobe Acrobat Pro XI latest security-related software updates must be installed.	Windows	DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
ADBP-XI-005000 - An unsupported Adobe Acrobat Pro version must not be installed.	Windows	DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
ARDC-CL-000340 - Unsupported version of Adobe Acrobat Reader DC Classic must be uninstalled.	Windows	DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CN-000340 - Adobe Reader DC must have the latest Security-related Software Updates installed.	Windows	DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
AS24-U1-000930 - The Apache web server must install security-relevant software updates within the configured time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).	Unix	DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware
AS24-U1-000930 - The Apache web server must install security-relevant software updates within the configured time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).	Unix	DISA STIG Apache Server 2.4 Unix Server v2r6
AS24-W1-000930 - The Apache web server must install security-relevant software updates within the configured time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).	Windows	DISA STIG Apache Server 2.4 Windows Server v2r3
CISC-ND-001470 - The Cisco switch must be running an IOS release that is currently supported by Cisco Systems.	Cisco	DISA STIG Cisco IOS Switch NDM v2r6
CISC-ND-001470 - The Cisco switch must be running an IOS release that is currently supported by Cisco Systems.	Cisco	DISA STIG Cisco IOS XE Switch NDM v2r6
CISC-ND-001470 - The Cisco switch must be running an IOS release that is currently supported by Cisco Systems.	Cisco	DISA STIG Cisco NX-OS Switch NDM v2r5
DB2X-00-009500 - Security-relevant software updates to DB2 must be installed within the time period directed by an authoritative source (e.g. IAVM, CTOs, DTMs, and STIGs).	IBM_DB2DB	DISA STIG IBM DB2 v10.5 LUW v2r1 Database
DTAM171 - (U) McAfee VirusScan must have the current security patches installed.	Windows	DISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM171 - (U) McAfee VirusScan must have the current security patches installed.	Windows	DISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTBC-0050 - The version of Google Chrome running on the system must be a supported version.	Windows	DISA STIG Google Chrome v2r8
DTOO401 - Office automatic updates must be enabled for Office products installed via Click-to-Run and configured to use a Trusted site - automatic updates	Windows	DISA STIG Microsoft Office System 2013 v2r1
DTOO401 - Office automatic updates must be enabled for Office products installed via Click-to-Run and configured to use a Trusted site - update server	Windows	DISA STIG Microsoft Office System 2013 v2r1
DTOO401 - Office automatic updates must be enabled for Office products installed via Click-to-Run and configured to use a Trusted site - update stats server	Windows	DISA STIG Microsoft Office System 2013 v2r1
EDGE-00-000045 - The version of Microsoft Edge running on the system must be a supported version.	Windows	DISA STIG Edge v1r7
EP11-00-009900 - Security-relevant software updates to the EDB Postgres Advanced Server must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).	PostgreSQLDB	EDB PostgreSQL Advanced Server v11 DB Audit v2r2
EX13-CA-000160 - Exchange must have the most current, approved service pack installed.	Windows	DISA Microsoft Exchange 2013 Client Access Server STIG v2r1
EX13-EG-000350 - Exchange must have the most current, approved service pack installed.	Windows	DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r5
EX13-MB-000340 - Exchange must have the most current, approved service pack installed.	Windows	DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2
EX16-ED-000700 - Exchange must have the most current, approved service pack installed.	Windows	DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r4
EX16-MB-000680 - Exchange must have the most current, approved service pack installed.	Windows	DISA Microsoft Exchange 2016 Mailbox Server STIG v2r4
FFOX-00-000001 - The installed version of Firefox must be supported.	Unix	DISA STIG Mozilla Firefox Linux v6r5
FFOX-00-000001 - The installed version of Firefox must be supported.	Windows	DISA STIG Mozilla Firefox Windows v6r5
FFOX-00-000001 - The installed version of Firefox must be supported.	Unix	DISA STIG Mozilla Firefox MacOS v6r5
FGFW-ND-000295 - The FortiGate device must be configured to send log data to a central log server for the purpose of forwarding alerts to the administrators and the ISSO.	FortiGate	DISA Fortigate Firewall NDM STIG v1r4
JBOS-AS-000680 - Production JBoss servers must be supported by the vendor.	Unix	DISA RedHat JBoss EAP 6.3 STIG v2r3
JBOS-AS-000685 - The JRE installed on the JBoss server must be kept up to date.	Unix	DISA RedHat JBoss EAP 6.3 STIG v2r3
JRE8-UX-000180 - The version of Oracle JRE 8 running on the system must be the most current available.	Unix	DISA STIG Oracle JRE 8 Unix v1r3
JRE8-WN-000180 - The version of Oracle JRE 8 running on the system must be the most current available.	Windows	DISA STIG Oracle JRE 8 Windows v2r1
MADB-10-009300 - Security-relevant software updates to MariaDB must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).	Unix	DISA MariaDB Enterprise 10.x v1r2 OS Linux
MADB-10-012600 - MariaDB products must be a version supported by the vendor.	MySQLDB	DISA MariaDB Enterprise 10.x v1r2 DB
MD4X-00-006400 - Security-relevant software updates to MongoDB must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).	Unix	DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS
MD4X-00-006500 - MongoDB products must be a version supported by the vendor.	MongoDB	DISA STIG MongoDB Enterprise Advanced 4.x v1r2 DB
MYS8-00-012300 - Security-relevant software updates to the MySQL Database Server 8.0 must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).	MySQLDB	DISA Oracle MySQL 8.0 v1r4 DB
O112-BP-024750 - Oracle database products must be a version supported by the vendor.	OracleDB	DISA STIG Oracle 11.2g v2r3 Database
O112-C1-011100 - Vendor-supported software must be evaluated and patched against newly found vulnerabilities.	Windows	DISA STIG Oracle 11.2g v2r3 Windows
O112-C1-011100 - Vendor-supported software must be evaluated and patched against newly found vulnerabilities.	Unix	DISA STIG Oracle 11.2g v2r3 Linux
O121-BP-024750 - Oracle database products must be a version supported by the vendor.	OracleDB	DISA STIG Oracle 12c v2r8 Database
PGS9-00-000300 - Security-relevant software updates to PostgreSQL must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).	PostgreSQLDB	DISA STIG PostgreSQL 9.x on RHEL DB v2r3
PPS9-00-009900 - Security-relevant software updates to the EDB Postgres Advanced Server must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).	PostgreSQLDB	EDB PostgreSQL Advanced Server DB Audit v2r2
SQL4-00-035400 - Security-relevant software updates to SQL Server must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).	Windows	DISA STIG SQL Server 2014 Instance OS Audit v2r3
SQL4-00-035500 - Software updates to SQL Server must be tested before being applied to production systems.	MS_SQLDB	DISA STIG SQL Server 2014 Instance DB Audit v2r3
SQL6-D0-012800 - Security-relevant software updates to SQL Server must be installed within the time period directed by an authoritative source (e.g. IAVM, CTOs, DTMs, and STIGs).	MS_SQLDB	DISA STIG SQL Server 2016 Instance DB Audit v2r10
TCAT-AS-001470 - Tomcat server must be patched for security vulnerabilities.	Unix	DISA STIG Apache Tomcat Application Server 9 v2r5 Middleware
TCAT-AS-001470 - Tomcat server must be patched for security vulnerabilities.	Unix	DISA STIG Apache Tomcat Application Server 9 v2r5

Detections

Analytics

CCI|CCI-002605

Title

Reference Item Details

Audit Items