The system package management tool must be used to verify system software periodically.
DISA Rule
SV-220063r603265_rule
Vulnerability Number
V-220063
Group Title
SRG-OS-000480
Rule Version
GEN006565
Severity
CAT II
CCI(s)
- CCI-000698 - The organization requires the developer of the information system, system component, or information system service to enable integrity verification of software and firmware components.
- CCI-000366 - The organization implements the security configuration settings.
Weight
10
Fix Recommendation
Add a cron job to run a package verification command, such as, pkgchk -n.
Check Contents
Check the root crontab (crontab -l) for the presence of a package check command, such as, pkgchk -n.
If no such cron job is found, this is a finding.
Vulnerability Number
V-220063
Documentable
False
Rule Version
GEN006565
Severity Override Guidance
Check the root crontab (crontab -l) for the presence of a package check command, such as, pkgchk -n.
If no such cron job is found, this is a finding.
Check Content Reference
M
Target Key
4060
Comments