STIGQter: STIG Summary: vRealize - Cassandra Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 05 Jun 2017

Security-relevant software updates to the Cassandra Server must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).

DISA Rule

SV-87323r1_rule

Vulnerability Number

V-72691

Group Title

SRG-APP-000456-DB-000390

Rule Version

VROM-CS-000260

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Configure the Cassandra Server to install security-relevant software updates within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).

Install the latest updates according to the time period specified in product documentation. Verify that the Cassandra Server was configured to follow the update installation timeframe specified in the product documentation.

Check Contents

Review the Cassandra Server configuration to ensure security-relevant software updates are installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).

Run 'find / | grep "cassandra-"' from the console and review all the Cassandra DB related packages currently installed on the host.

Check http://cassandra.apache.org/download/ for the latest updates and patches available. Check the product documentation for the time period within which updates have to be installed on the host.

If there is an update that has to be installed, but is not displayed in the list of Cassandra DB related packages currently installed on the host, this is a finding.
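
The comparison step of the check above can be scripted. The following is an added example, not part of the STIG: it takes a file listing such as the find output, extracts the version embedded in each "cassandra-" file name, and reports artifacts older than a required version. The sample paths and the required version 3.11.2 are constructed for illustration; GNU sort -V is assumed.

```shell
#!/bin/sh
# Added example, not STIG content. Paths and versions are constructed samples;
# the required version must come from your authoritative source.

# Print "version<TAB>path" for each path on stdin whose file name embeds a
# cassandra-<x.y[.z]> version (same "cassandra-" match the check uses).
cassandra_versions() {
    grep 'cassandra-' | while IFS= read -r path; do
        base=${path##*/}
        ver=$(printf '%s\n' "$base" |
            sed -n 's/.*cassandra-[a-z-]*\([0-9][0-9.]*[0-9]\).*/\1/p')
        if [ -n "$ver" ]; then printf '%s\t%s\n' "$ver" "$path"; fi
    done
}

# Succeed when version $1 is strictly older than version $2.
# sort -V compares numerically per component, so 3.11.10 is newer than 3.11.2.
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# List artifacts older than the required version ($1); each line of output
# is a candidate finding to confirm against product documentation.
outdated_cassandra() {
    required=$1
    cassandra_versions | while IFS="$(printf '\t')" read -r ver path; do
        if version_lt "$ver" "$required"; then
            printf 'OUTDATED %s (found %s, need >= %s)\n' "$path" "$ver" "$required"
        fi
    done
}

# Constructed stand-in for the output of: find / | grep "cassandra-"
sample_inventory() {
    cat <<'EOF'
/opt/example/lib/apache-cassandra-2.1.8.jar
/opt/example/lib/cassandra-thrift-3.11.2.jar
/opt/example/lib/apache-cassandra-3.11.10.jar
/opt/example/conf/cassandra-env.sh
EOF
}

# Live use (REQUIRED is a placeholder): find / 2>/dev/null | outdated_cassandra "$REQUIRED"
sample_inventory | outdated_cassandra 3.11.2
```

Files whose names match "cassandra-" but follow their own release numbering, such as client drivers, need to be compared against their own required version rather than the server's.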

Vulnerability Number

V-72691

Documentable

False

Rule Version

VROM-CS-000260

Severity Override Guidance

Review the Cassandra Server configuration to ensure security-relevant software updates are installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs).

Run 'find / | grep "cassandra-"' from the console and review all the Cassandra DB related packages currently installed on the host.

Check http://cassandra.apache.org/download/ for the latest updates and patches available. Check the product documentation for the time period within which updates have to be installed on the host.

If there is an update that has to be installed, but is not displayed in the list of Cassandra DB related packages currently installed on the host, this is a finding.

Check Content Reference

M

Target Key

3179
