STIGQter STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019:

A PC communications application is not maintained at the current/latest approved patch or version/upgrade level.

DISA Rule

SV-17101r1_rule

Vulnerability Number

V-16113

Group Title

Deficient Imp’n: PCCC Application Version

Rule Version

VVoIP 1700 (GENERAL)

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Ensure PC voice, video, UC, and/or collaboration communications applications are maintained at the current/latest approved patch or version/upgrade level.

Implement the current/latest approved patch or version/upgrade level to utilize the latest IA mitigations. If an outdated application version is no longer in use, un-install it. If the latest version is not approved, submit it for testing and approval to ensure the latest IA mitigations are available and used.

Check Contents

Inspect a random sample of PC communications applications to determine if the latest approved version(s) is in use. This is a finding if the latest approved version is not installed on the inspected PCs.

Vulnerability Number

V-16113

Documentable

False

Rule Version

VVoIP 1700 (GENERAL)

Severity Override Guidance

Inspect a random sample of PC communications applications to determine if the latest approved version(s) is in use. This is a finding if the latest approved version is not installed on the inspected PCs.

Check Content Reference

M

Potential Impact

Compromise of the supported communications or the supporting network.

Responsibility

Information Assurance Officer

Target Key

594

Comments