APRIL 2020 MAINTENANCE RELEASE: STIGS TO BE RELEASED

, NA

Repackaged benchmark for 2020-04-QR. Updated OVAL for 2020-04-QR.

Adobe Acrobat Reader DC Classic STIG, Version 1, Release 5

NA - Create GPO packages for both Adobe Reader DC Continuous and Classic.

Adobe Acrobat Reader DC Continuous STIG, Version 1, Release 6

NA - Create GPO packages for both Adobe Reader DC Continuous and Classic.

Apple OS X 10.13 STIG, Version 1, Release 5

V-81571 - Updated the requirement to utilize standardized language.

Apple OS X 10.14 STIG, Version 1, Release 3

V-95901 - Updated the requirement to utilize standardized language.

Application Server SRG, Version 2, Release 8

V-35090 - Modified FIPS-approved check language to eliminate reference to the TLS 1.0 version.

V-35329 - Modified FIPS-approved check language to eliminate reference to the TLS 1.0 version.

Release Date: April 24, 2020

V-57507 - Removed requirement from SRG.

V-57509 - Removed requirement from SRG.

V-57533 - Modified FIPS-approved check language to eliminate reference to the TLS 1.0 version.

V-57535 - Modified FIPS-approved check language to eliminate reference to the TLS 1.0 version.

Application SRG, Version 2, Release 0-10

NA - Change references to SHA-1 to require SHA-2.

BIND 9.x STIG, Version 1, Release 9

V-72377 - Clarified syntax of logging directive.

V-72381 - Clarified syntax of logging directive.

V-72383 - Clarified syntax of logging directive.

Canonical Ubuntu 16.04 LTS STIG, Version 1, Release 4

V-75437 - Removed references to specific graphic display managers and changed "GUI" to graphical user interface to reduce possible confusion.

V-90351 - Added unlock_time requirement.

V-90363 - Added /usr/bin/su audit rule requirement.

V-90353 - Split requirement and changed ClientAliveCountMax value to 0.

V-75603 - Corrected file path in the fix command.

V-75813 - Updated the requirement to reference the chrony service and configurations.

Central Log Server SRG, Version 1, Release 3

V-100015 - Added requirement.

V-100017 - Added requirement.

V-100019 - Added requirement.

V-100021 - Added requirement.

V-100041 - Added requirement.

V-100027 - Added requirement.

V-100029 - Added requirement.

V-100031 - Added requirement.

V-100033 - Added requirement.

V-100035 - Added requirement.

V-100037 - Added requirement.

V-100039 - Added requirement.

V-100043 - Added requirement.

V-100045 - Added requirement.

V-100047 - Added requirement.

V-100049 - Added requirement.

V-100051 - Added requirement.

V-100053 - Added requirement.

V-100055 - Added requirement.

V-100057 - Added requirement.

V-100059 - Added requirement.

V-100061 - Added requirement.

V-100063 - Added requirement.

V-100065 - Added requirement.

V-100067 - Added requirement.

V-100069 - Added requirement.

V-100071 - Added requirement.

V-100073 - Added requirement.

V-100075 - Added requirement.

Cisco IOS Router NDM STIG, Version 1, Release 3

V-96183 - Changed to CAT 1.

Cisco IOS Router RTR STIG, Version 1, Release 3

V-96553 - Provided clarification in the check content.

V-96555 - Corrected typo in vul discussion.

V-96623 - Corrected check content.

V-96625 - Corrected check content.

V-96639 - Provided link to GTP QOS document in check and fix content.

V-96641 - Provided link to GTP QOS document in check and fix content.

V-96649 - Corrected fix content.

V-96665 - Corrected check content.

Cisco IOS-XE Router NDM STIG, Version 1, Release 3

V-96365 - Changed to CAT 1.

Cisco IOS-XE Router RTR STIG, Version 1, Release 3

V-96905 - Provided clarification in the check content.

V-96907 - Corrected typo in vul discussion.

V-96975 - Corrected check content.

V-96985 - Corrected check and fix content.

V-97001 - Provided link to GTP QOS document in check and fix content.

V-97003 - Provided link to GTP QOS document in check and fix content.

V-97013 - Corrected fix content.

V-97029 - Corrected check content.

V-97111 - Corrected check content.

Cisco IOS-XR Router NDM STIG, Version 1, Release 3

V-96497 - Changed to CAT 1.

Cisco IOS-XR Router RTR STIG, Version 1, Release 3

V-96719 - Provided clarification in the check content.

V-96721 - Corrected typo in vul discussion.

V-96815 - Provided link to GTP QOS document in check and fix content.

V-96817 - Provided link to GTP QOS document in check and fix content.

Citrix XenDesktop 7.x Delivery Controller STIG, Version 1, Release 3

V-81409 - Altered SSL setting in CXEN-DC-001225.

Database SRG, Version 2, Release 10

NA - PMRC: Correct V1R6, V1R7, V1R8 to read V2R6, V2R7, and V2R8

V-58059 - Update real-time alerts.

EDB Postgres Advanced Server STIG, Version 1, Release 7

V-69001 - Update real-time alerts.

IBM AIX 7.x STIG, Version 1, Release 2

V-91775 - Updated the check so it is only looking at the "/etc/security/audit/objects" file.

V-100005 - Added a requirement to address actions when the audit storage volume is full.

V-91341 - Corrected a typo in the rule title and vulnerability discussion.

Juniper Router NDM STIG, Version 1, Release 4

V-91127 - Corrected typo in check content.

V-91131 - Corrected check and fix content.

Juniper Router RTR STIG, Version 1, Release 4

V-90939 - Provided link to GTP QOS document in check and fix content.

V-90941 - Provided link to GTP QOS document in check and fix content.

Layer 2 Switch SRG, Version 1, Release 6

V-100097 - Add generic requirement SRG-NET-000512-L2S-000100 for CCI 266.

McAfee Application Control 8.x STIG, Version 1, Release 6

V-74215 - Clarified policy to be validated.

McAfee VSEL 1.9/2.0 Local Client STIG, Version 1, Release 6

V-63135 - Removed from STIG as mounted volumes are scanned with On Access scan.

McAfee VSEL 1.9/2.0 Managed Client STIG, Version 1, Release 5

V-63061 - Removed from STIG as mounted volumes are scanned with On Access scan.

Microsoft .Net Framework 4 STIG Benchmark, Version 1, Release 7

NA - Repackaged benchmark for 2020-04-QR.

Microsoft IIS 8.5 Server STIG, Version 1, Release 10

V-76689 - Altered fix text in IISW-SV-000111.

V-76689 - Removed note in IISW-SV-000111.

V-76695 - Altered permissions in IISW-SV-000115.

V-76745 - Altered permissions in IISW-SV-000144.

V-76771 - Added note for .NET in IISW-SV-000159.

Microsoft IIS 8.5 Site STIG, Version 1, Release 10

V-76775 - Added note for web farms in IISW-SI-000223, IISW-SI-000201.

V-76795 - Removed redundant requirement IISW-SI-000213.

V-76799 - Altered check/fix in IISW-SI-000215.

V-76801 - Altered check/fix in IISW-SI-000216.

V-76809 - Added note for load balancer in IISW-SI-000220.

V-76809 - Added load balancer statement in IISW-SI-000246 and IISW-SI-000220.

V-76813 - Added note for web farms in IISW-SI-000223, IISW-SI-000201.

V-76831 - Removed requirement.

V-76859 - Added load balancer statement in IISW-SI-000246 and IISW-SI-000220.

V-76865 - Altered check/fix in IISW-SI-000251.

V-76867 - Removed recycling note in IISW-SI-000252, IISW-SI-000253, IISW-SI-000254.

V-76869 - Removed recycling note in IISW-SI-000252, IISW-SI-000253, IISW-SI-000254.

V-76871 - Removed recycling note in IISW-SI-000252, IISW-SI-000253, IISW-SI-000254.

V-76885 - Added note for modular applications in IISW-SI-000261.

V-76885 - Removed .apsx from IISW-SI-000261.

Microsoft OneDrive for Business 2016 STIG, Version 1, Release 3

V-71323 - Added note to check text regarding the two sets of OneDrive ADMX/L GPOs and which will result in the paths in the STIG.

V-71327 - Added note to check text regarding the two sets of OneDrive ADMX/L GPOs and which will result in the paths in the STIG.

V-71331 - Added note to check text regarding the two sets of OneDrive ADMX/L GPOs and which will result in the paths in the STIG.

Microsoft SQL Server 2014 Instance STIG, Version 1, Release 10

V-67895

V-67865 - Update real-time alerts.

V-67787 - Update Check text to include SQL Trace.

Microsoft SQL Server 2016 Instance STIG, Version 1, Release 9

V-79231 - Update real-time alerts.

V-79149 - Correct typo in check text.

Microsoft Windows 10 Mobile STIG, Version 1, Release 4

V-100001 - Added new requirement to sunset STIG.

Microsoft Windows 10 STIG, Version 1, Release 21

V-100093 - Added new requirement for the OS

V-99555 - Changing wording from "built in" to "enabled local" for the Administrator account

Microsoft Windows 2012 Server Domain Name System STIG, Version 1, Release 14

V-58715 - Added statement about requirement not being applicable if only AD-integrated zones.

V-58621 - Added verbiage to Vulnerability discussion regarding exceptions. Added verbiage to finding statement to reflect specific meaning of lesser zones.

V-58627 - Rule Title, Check, and Fix reworded to state that if IPv6 DNS records are hosted, this check is not applicable.

Microsoft Windows Defender Antivirus STIG Benchmark, Version 1, Release 5

NA - Rebundled benchmark for updated Rule ID.

Microsoft Windows Defender Antivirus STIG, Version 1, Release 8

V-75167 - Correcting STIG ID to be the original setting in release 1. This was originally reversed due to a conflict with the Windows OS STIG but the conflicting STIG ID in the Windows OS STIG was removed.

Mozilla Firefox for RHEL STIG Benchmark, Version 1, Release 6

V-79053 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15983 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15768 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-19743 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-19744 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-19742 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15771 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15772 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15774 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15775 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15776 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15778 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15779 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15985 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-15986 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

V-64891 - Updated an OVAL object supporting all checks to handle net-booted workstations correctly.

NDM SRG, Version 3, Release 3

V-55033 - Corrected rule title.

V-55055 - Corrected rule title and check content.

V-55073 - Corrected rule title.

V-55197 - Corrected rule title and check content.

V-55255 - Corrected rule title.

V-100099 - Add generic requirement SRG-APP-000516-NDM-000317 for CCI 266.

Network SRG, Version 2, Release 0-9

NA - Change references to SHA-1 to require SHA-2.

Operating System SRG, Version 2, Release 0-10

NA - Change references to SHA-1 to require SHA-2.

Oracle 11.2g Database STIG, Version 1, Release 18

V-53981 - Update password file permissions.

Oracle Database 12c STIG, Version 1, Release 17

V-61431 - Update password file permissions.

V-61559 - Update Temporary profile check.

V-61561 - Remove or disable temporary accounts after 72 hours.

V-61579 - Updated real-time alerts.

V-61667 - Corrected check text.

Oracle Linux 5 STIG, Version 1, Release 14

V-22429 - Corrected CCI typo to CCI-000366

Oracle Linux 6 STIG, Version 1, Release 18

V-50575 - Updated the finding statement to allow for values less than or equal to "900".

V-50807 - Updated the check command; added example text and refined the finding statement.

V-50849 - Updated the check content to focus on "removable media" and added example text.

V-50939 - Updated the check command with the correct file path.

V-51093 - Updated the fix text to correct the "arch=" definition in the 64-bit rule.

V-51121 - Updated the package name to "Libreswan".

V-100007 - Added a requirement to remove any ".shosts" and/or "shosts.equiv" files on the system.

V-100009 - Added a requirement for the configuration of MACs in SSH.

PostgreSQL 9.x STIG, Version 1, Release 7

V-72893 - Update real-time alerts.

Red Hat Enterprise Linux 6 STIG Benchmark, Version 1, Release 27

NA - Updated CPE-OVAL to avoid mistakenly identifying non-RHEL systems as applicable.

Red Hat Enterprise Linux 6 STIG, Version 1, Release 25

V-38608 - Updated the finding statement to allow for values less than or equal to "900".

V-38617 - Updated the check command; added example text and refined the finding statement.

V-38655 - Updated the check content to focus on "removable media" and added example text.

V-100011 - Added a requirement to remove any ".shosts" and/or "shosts.equiv" files on the system.

V-100013 - Added a requirement for the configuration of MACs in SSH.

Red Hat Enterprise Linux 7 STIG Benchmark, Version 2, Release 7

V-72281 - Disable and remove the rule from the benchmark bundle.

V-72417 - Updated OVAL to no longer check for the "esc" package.

V-72067 - Updated OVAL to avoid a false positive.

V-72221 - Updated OVAL to avoid a false positive.

V-72253 - Updated OVAL to avoid a false positive.

Red Hat Enterprise Linux 7 STIG, Version 2, Release 7

V-71861 - Removed references to specific graphic display managers and changed "GUI" to graphical user interface to reduce possible confusion.

V-71971 - Updated the check content to allow for organizationally defined roles.

V-72029 - Updated the check content to reference ownership and not group ownership.

V-72081 - Updated the finding statements for clarity.

V-72225 - Updated the check and fix to correct errors in the listed DoD Banner text.

V-72281 - Updated the check content to verify the /etc/resolv.conf file is "immutable".

V-72417 - Removed the "esc" package from the requirement.

V-94843 - Updated the file path in the check command.

V-94843 - Removed references to specific graphic display managers and changed "GUI" to graphical user interface to reduce possible confusion. Added a "Not Applicable" statement to the check.

V-94843 - Corrected an incorrect file path in the check command.

TBD

V-100023 - Added a requirement to disable the automount feature in the graphical user interface.

Router SRG, Version 3, Release 5

V-55757 - Mapped STIGID to a parent NET.SRG SRGID.

V-55759 - Mapped STIGID to a parent NET.SRG SRGID.

V-55761 - Mapped STIGID to a parent NET.SRG SRGID.

V-55769 - Mapped STIGID to a parent NET.SRG SRGID.

V-55773 - Mapped STIGID to a parent NET.SRG SRGID.

V-78211 - Mapped STIGID to a parent NET.SRG SRGID.

V-78265 - Mapped STIGID to a parent NET.SRG SRGID.

V-78317 - Mapped STIGID to a parent NET.SRG SRGID.

V-78319 - Corrected rule title, check, and fix content.

V-78321 - Corrected rule title, check, and fix content.

V-100095 - Add generic requirement SRG-NET-000512-RTR-000100 for CCI 266.

Samsung Android OS 7 with Knox 2.x STIG, Version 1, Release 7

V-100003 - Added new requirement to sunset STIG.

Samsung Android OS 8 with Knox 3.x COBO STIG, Version 1, Release 5

V-80223 - Updated requirement to allow the use of additional Bluetooth Profiles: A2DP (Advanced Audio Distribution Profile), AVRCP (Audio/Video Remote Control Profile), and PBAP (Phone Book Access Profile).

Samsung Android OS 8 with Knox 3.x COPE STIG, Version 1, Release 5

V-80357 - Updated requirement to allow the use of additional Bluetooth Profiles: A2DP (Advanced Audio Distribution Profile), AVRCP (Audio/Video Remote Control Profile), and PBAP (Phone Book Access Profile).

Samsung Android OS 9 Knox 3-x COBO KPE AE STIG, Version 1, Release 3

V-92891 - Updated requirement to allow the use of additional Bluetooth Profiles: A2DP (Advanced Audio Distribution Profile), AVRCP (Audio/Video Remote Control Profile), and PBAP (Phone Book Access Profile).

Samsung Android OS 9 Knox 3-x COBO KPE Legacy STIG, Version 1, Release 3

V-93597 - Updated requirement to allow the use of additional Bluetooth Profiles: A2DP (Advanced Audio Distribution Profile), AVRCP (Audio/Video Remote Control Profile), and PBAP (Phone Book Access Profile).

Samsung Android OS 9 Knox 3-x COPE KPE AE STIG, Version 1, Release 3

V-93793 - Updated requirement to allow the use of additional Bluetooth Profiles: A2DP (Advanced Audio Distribution Profile), AVRCP (Audio/Video Remote Control Profile), and PBAP (Phone Book Access Profile).

Samsung Android OS 9 Knox 3-x COPE KPE Legacy STIG, Version 1, Release 3

V-93891 - Updated requirement to allow the use of additional Bluetooth Profiles: A2DP (Advanced Audio Distribution Profile), AVRCP (Audio/Video Remote Control Profile), and PBAP (Phone Book Access Profile).

SDN Controller SRG, Version 1, Release 2

V-100101 - Add generic requirement for SRG-NET-000512-SDN-002000 CCI 266.

Solaris 10 SPARC STIG Benchmark, Version 1, Release 23

NA - Rebundled benchmark for updated Rule ID.

Solaris 10 SPARC STIG, Version 1, Release 27

V-22429 - Corrected CCI typo to CCI-000366.

Solaris 10 x86 STIG Benchmark, Version 1, Release 24

NA - Rebundled benchmark for updated Rule ID.

Solaris 10 x86 STIG, Version 1, Release 27

V-22429 - Corrected CCI typo to CCI-000366.

Solaris 11 SPARC STIG, Version 1, Release 21

V-47951 - Removed the requirement from the STIG.

V-47945 - Removed the requirement from the STIG.

Solaris 11 x86 STIG, Version 1, Release 21

V-47951 - Removed the requirement from the STIG.

V-47945 - Removed the requirement from the STIG.

SUSE Linux Enterprise Server 12 STIG, Version 1, Release 5

V-99011 - Downgraded the severity of the requirement from CAT I to CAT II.

V-77049 - Removed references to specific graphic display managers and changed "GUI" to graphical user interface to reduce possible confusion.

V-77055 - Removed references to specific graphic display managers and changed "GUI" to graphical user interface to reduce possible confusion.

V-77057 - Removed references to specific graphic display managers and changed "GUI" to graphical user interface to reduce possible confusion.

V-77059 - Removed references to specific graphic display managers and changed "GUI" to graphical user interface to reduce possible confusion.

V-77061 - Removed references to specific graphic display managers and changed "GUI" to graphical user interface to reduce possible confusion.

V-77065 - Removed references to specific graphic display managers and changed "GUI" to graphical user interface to reduce possible confusion.

V-77133 - Removed references to specific graphic display managers and changed "GUI" to graphical user interface to reduce possible confusion.

Symantec ProxySG ALG STIG, Version 1, Release 3

V-94235 - Change check and fix procedure to allow banner statement to trigger. Fix now requires the creation of a new web access layer for the banner rather and requiring that access layer be processed first. This ensures that the banner will always trigger.

V-94285 - Add a note to the Vulnerability Discussion.

V-94287 - Add a note to the Vulnerability Discussion.

Tanium 6.5 STIG, Version 1, Release 3

V-99629 - Added CAT 1 to sunset Tanium 6.3, which is EOL and out of vendor support.

Video Services Policy STIG, Version 1, Release 11

V-17706 - updated HTTP link in text.

VMware AirWatch v9.x MDM STIG, Version 1, Release 2

V-99999 - Added new requirement to sunset STIG.

VMware vSphere 6.5 ESXi STIG, Version 1, Release 4

V-94481 - Removed deprecated settings ESXI-65-0000073, ESXI-65-0000074.

V-94483 - Removed deprecated settings ESXI-65-0000073, ESXI-65-0000074.

V-94507 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-94509 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-94511 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-94529 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-94531 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-94533 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-94535 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-94543 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-94545 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-94547 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-94549 - Removed duplicates ESXI-65-200037, ESXI-65-300037, ESXI-65-100038, ESXI-65-200038, ESXI-65-300038, ESXI-65-100039, ESXI-65-300039, ESXI-65-100040, ESXI-65-200040, ESXI-65-300040.

V-100543 - Reinstate requirement.

VMware vSphere 6.5 ESXi STIG, Version 6, Release 45

V-17982 - Updated Addendum for CICS PARTITIONSET.

VMware vSphere 6.5 vCenter Server for Windows STIG, Version 1, Release 4

V-94757 - Altered check/fix in VCWN-65-000023.

V-94839 - Altered check/fix in VCWN-65-000068.

V-94841 - Altered check/fix in VCWN-65-000069.

Voice Video Endpoint SRG, Version 1, Release 10

V-66799 - updated HTTP link in text.

z/OS ACF2 STIG, Version 7, Release 2

V-98043 - Updated requirement for clarification of users.

z/OS CA 1 Tape Management for ACF2 STIG, Version 6, Release 45

NA - Modified CA-TAPE table in z/OS Addendum. Updated the STIG Addendum Table 11-7 for FORNORES to include an UPDATE access.

z/OS CA 1 Tape Management for RACF STIG, Version 6, Release 45

NA - Modified CA-TAPE table in z/OS Addendum. Updated the STIG Addendum Table 11-7 for FORNORES to include an UPDATE access.

z/OS CA 1 Tape Management for TSS STIG, Version 6, Release 45

NA - Modified CA-TAPE table in z/OS Addendum. Updated the STIG Addendum Table 11-7 for FORNORES to include an UPDATE access.

z/OS Cross Ref of SRRAUDIT spreadsheet, Version 6, Release 45

V-17982 - Added new resource, COPYCAT, for evaluation.

V-17982 - Change access requirements for FORNORES resource.

V-17982 - Change access requirements for AUTINSTMODEL resource.

V-17982 - Change access requirements for PARTITIONSET resource.

z/OS RACF STIG, Version 7, Release 2

V-98141 - Updated requirement to consider Passphrases.

V-97567 - Updated requirement for clarification of users.

z/OS SRR Scripts, Version 6, Release 45

V-17982 - Added new resource, COPYCAT, for evaluation.

V-17982 - Change access requirements for FORNORES resource.

V-17982 - Change access requirements for AUTINSTMODEL resource.

V-17982 - Change access requirements for PARTITIONSET resource.

V-284 - Change to include Password Phrase date in evaluation.

V-17947 - Corrected problem with resource not being properly evaluated.

z/OS TSS STIG, Version 7, Release 2

TBD - Created missing vulnerability for LINKLIST in TSS.

V-98517 - Updated requirement for clarification of users.

zOS IBM CICS Transaction Server for ACF2 STIG, Version 6, Release 45

NA - Updated Addendum for CICS AUTINSTMODEL/AUTINSTM.

V-17982 - Updated Addendum for CICS PARTITIONSET.

zOS IBM CICS Transaction Server for ACF2 STIG, Version 6, Release 6

NA - Repackaging to correct xml file name.

zOS IBM CICS Transaction Server for RACF STIG, Version 6, Release 45

NA - Updated Addendum for CICS AUTINSTMODEL/AUTINSTM.

V-17982 - Updated Addendum for CICS PARTITIONSET.

zOS IBM CICS Transaction Server for RACF STIG, Version 6, Release 6

NA - Repackaging to correct xml file name.

zOS IBM CICS Transaction Server for TSS STIG, Version 6, Release 45

NA - Updated Addendum for CICS AUTINSTMODEL/AUTINSTM.

zOS IBM CICS Transaction Server for TSS STIG, Version 6, Release 6

NA - Repackaging to correct xml file name.
