STIGQter: STIG Summary: IBM WebSphere Traditional V9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2018:

The WebSphere Application Server must apply the latest security fixes.

DISA Rule

SV-96113r1_rule

Vulnerability Number

V-81399

Group Title

SRG-APP-000456-AS-000266

Rule Version

WBSP-AS-001750

Severity

CAT II

CCI(s)

CCI-002605 - The organization installs security-relevant software updates within an organization-defined time period of the release of the updates.

Weight

Fix Recommendation

Obtain WebSphere product security and patch support.

Test and apply the latest applicable WebSphere security fixes.

Check Contents

Use the admin console to determine the WebSphere version.

Review patch level and fix pack.

If the most recent patches/fix packs have not been applied, this is a finding.

Vulnerability Number

V-81399

Documentable

False

Rule Version

WBSP-AS-001750

Severity Override Guidance

Use the admin console to determine the WebSphere version.

Review patch level and fix pack.

If the most recent patches/fix packs have not been applied, this is a finding.

Check Content Reference

Target Key

3399

The WebSphere Application Server must apply the latest security fixes.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments