Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002605
CCI
CCI|CCI-002605
Title
The organization installs security-relevant software updates within an organization-defined time period of the release of the updates.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2013
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
AADC-CL-001075 - Unsupported versions of Adobe Acrobat Pro DC Classic must be uninstalled.
Windows
DISA STIG Adobe Acrobat Pro DC Classic Track v2r1
AADC-CN-001075 - The Adobe Acrobat Pro DC Continuous latest security-related software updates must be installed.
Windows
DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1
ADBP-XI-001075 - The Adobe Acrobat Pro XI latest security-related software updates must be installed.
Windows
DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
ADBP-XI-005000 - An unsupported Adobe Acrobat Pro version must not be installed.
Windows
DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
ARDC-CL-000340 - Unsupported version of Adobe Acrobat Reader DC Classic must be uninstalled.
Windows
DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CN-000340 - Adobe Reader DC must have the latest Security-related Software Updates installed.
Windows
DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
AS24-U1-000930 - The Apache web server must install security-relevant software updates within the configured time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
Unix
DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware
AS24-U1-000930 - The Apache web server must install security-relevant software updates within the configured time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
Unix
DISA STIG Apache Server 2.4 Unix Server v2r6
AS24-W1-000930 - The Apache web server must install security-relevant software updates within the configured time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
Windows
DISA STIG Apache Server 2.4 Windows Server v2r3
CISC-ND-001470 - The Cisco switch must be running an IOS release that is currently supported by Cisco Systems.
Cisco
DISA STIG Cisco IOS Switch NDM v2r6
CISC-ND-001470 - The Cisco switch must be running an IOS release that is currently supported by Cisco Systems.
Cisco
DISA STIG Cisco IOS XE Switch NDM v2r6
CISC-ND-001470 - The Cisco switch must be running an IOS release that is currently supported by Cisco Systems.
Cisco
DISA STIG Cisco NX-OS Switch NDM v2r5
DB2X-00-009500 - Security-relevant software updates to DB2 must be installed within the time period directed by an authoritative source (e.g. IAVM, CTOs, DTMs, and STIGs).
IBM_DB2DB
DISA STIG IBM DB2 v10.5 LUW v2r1 Database
DTAM171 - (U) McAfee VirusScan must have the current security patches installed.
Windows
DISA McAfee VirusScan 8.8 Managed Client STIG v6r1
DTAM171 - (U) McAfee VirusScan must have the current security patches installed.
Windows
DISA McAfee VirusScan 8.8 Local Client STIG v6r1
DTBC-0050 - The version of Google Chrome running on the system must be a supported version.
Windows
DISA STIG Google Chrome v2r8
DTOO401 - Office automatic updates must be enabled for Office products installed via Click-to-Run and configured to use a Trusted site - automatic updates
Windows
DISA STIG Microsoft Office System 2013 v2r1
DTOO401 - Office automatic updates must be enabled for Office products installed via Click-to-Run and configured to use a Trusted site - update server
Windows
DISA STIG Microsoft Office System 2013 v2r1
DTOO401 - Office automatic updates must be enabled for Office products installed via Click-to-Run and configured to use a Trusted site - update stats server
Windows
DISA STIG Microsoft Office System 2013 v2r1
EDGE-00-000045 - The version of Microsoft Edge running on the system must be a supported version.
Windows
DISA STIG Edge v1r7
EP11-00-009900 - Security-relevant software updates to the EDB Postgres Advanced Server must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
PostgreSQLDB
EDB PostgreSQL Advanced Server v11 DB Audit v2r2
EX13-CA-000160 - Exchange must have the most current, approved service pack installed.
Windows
DISA Microsoft Exchange 2013 Client Access Server STIG v2r1
EX13-EG-000350 - Exchange must have the most current, approved service pack installed.
Windows
DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r5
EX13-MB-000340 - Exchange must have the most current, approved service pack installed.
Windows
DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2
EX16-ED-000700 - Exchange must have the most current, approved service pack installed.
Windows
DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r4
EX16-MB-000680 - Exchange must have the most current, approved service pack installed.
Windows
DISA Microsoft Exchange 2016 Mailbox Server STIG v2r4
FFOX-00-000001 - The installed version of Firefox must be supported.
Unix
DISA STIG Mozilla Firefox Linux v6r5
FFOX-00-000001 - The installed version of Firefox must be supported.
Windows
DISA STIG Mozilla Firefox Windows v6r5
FFOX-00-000001 - The installed version of Firefox must be supported.
Unix
DISA STIG Mozilla Firefox MacOS v6r5
FGFW-ND-000295 - The FortiGate device must be configured to send log data to a central log server for the purpose of forwarding alerts to the administrators and the ISSO.
FortiGate
DISA Fortigate Firewall NDM STIG v1r4
JBOS-AS-000680 - Production JBoss servers must be supported by the vendor.
Unix
DISA RedHat JBoss EAP 6.3 STIG v2r3
JBOS-AS-000685 - The JRE installed on the JBoss server must be kept up to date.
Unix
DISA RedHat JBoss EAP 6.3 STIG v2r3
JRE8-UX-000180 - The version of Oracle JRE 8 running on the system must be the most current available.
Unix
DISA STIG Oracle JRE 8 Unix v1r3
JRE8-WN-000180 - The version of Oracle JRE 8 running on the system must be the most current available.
Windows
DISA STIG Oracle JRE 8 Windows v2r1
MADB-10-009300 - Security-relevant software updates to MariaDB must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
Unix
DISA MariaDB Enterprise 10.x v1r2 OS Linux
MADB-10-012600 - MariaDB products must be a version supported by the vendor.
MySQLDB
DISA MariaDB Enterprise 10.x v1r2 DB
MD4X-00-006400 - Security-relevant software updates to MongoDB must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
Unix
DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS
MD4X-00-006500 - MongoDB products must be a version supported by the vendor.
MongoDB
DISA STIG MongoDB Enterprise Advanced 4.x v1r2 DB
MYS8-00-012300 - Security-relevant software updates to the MySQL Database Server 8.0 must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
MySQLDB
DISA Oracle MySQL 8.0 v1r4 DB
O112-BP-024750 - Oracle database products must be a version supported by the vendor.
OracleDB
DISA STIG Oracle 11.2g v2r3 Database
O112-C1-011100 - Vendor-supported software must be evaluated and patched against newly found vulnerabilities.
Windows
DISA STIG Oracle 11.2g v2r3 Windows
O112-C1-011100 - Vendor-supported software must be evaluated and patched against newly found vulnerabilities.
Unix
DISA STIG Oracle 11.2g v2r3 Linux
O121-BP-024750 - Oracle database products must be a version supported by the vendor.
OracleDB
DISA STIG Oracle 12c v2r8 Database
PGS9-00-000300 - Security-relevant software updates to PostgreSQL must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
PostgreSQLDB
DISA STIG PostgreSQL 9.x on RHEL DB v2r3
PPS9-00-009900 - Security-relevant software updates to the EDB Postgres Advanced Server must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
PostgreSQLDB
EDB PostgreSQL Advanced Server DB Audit v2r2
SQL4-00-035400 - Security-relevant software updates to SQL Server must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).
Windows
DISA STIG SQL Server 2014 Instance OS Audit v2r3
SQL4-00-035500 - Software updates to SQL Server must be tested before being applied to production systems.
MS_SQLDB
DISA STIG SQL Server 2014 Instance DB Audit v2r3
SQL6-D0-012800 - Security-relevant software updates to SQL Server must be installed within the time period directed by an authoritative source (e.g. IAVM, CTOs, DTMs, and STIGs).
MS_SQLDB
DISA STIG SQL Server 2016 Instance DB Audit v2r10
TCAT-AS-001470 - Tomcat server must be patched for security vulnerabilities.
Unix
DISA STIG Apache Tomcat Application Server 9 v2r5 Middleware
TCAT-AS-001470 - Tomcat server must be patched for security vulnerabilities.
Unix
DISA STIG Apache Tomcat Application Server 9 v2r5