STIGQter: STIG Summary: MS Exchange 2013 Client Access Server Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jan 2020:

Exchange must have the most current, approved service pack installed.

DISA Rule

SV-84401r1_rule

Vulnerability Number

V-69779

Group Title

SRG-APP-000456

Rule Version

EX13-CA-000160

Severity

CAT II

CCI(s)

• CCI-002605 - The organization installs security-relevant software updates within an organization-defined time period of the release of the updates.

Weight

10

Fix Recommendation

Install the most current, approved service pack.

Check Contents

Determine the most current, approved service pack.

Open the Exchange Management Shell and enter the following command:

Get-ExchangeServer | fl Name, AdminDisplayVersion

If the value of AdminDisplayVersion does not return the most current, approved service pack, this is a finding.

Vulnerability Number

V-69779

Documentable

False

Rule Version

EX13-CA-000160

Severity Override Guidance

Determine the most current, approved service pack.

Open the Exchange Management Shell and enter the following command:

Get-ExchangeServer | fl Name, AdminDisplayVersion

If the value of AdminDisplayVersion does not return the most current, approved service pack, this is a finding.

Check Content Reference

M

Target Key

3097

Comments