STIGQter: STIG Summary: Application Server Security Requirements Guide Version: 3 Release: 1 Benchmark Date: 23 Oct 2020:

The application server must be capable of reverting to the last known good configuration in the event of failed installations and upgrades.

DISA Rule

SV-204742r508029_rule

Vulnerability Number

V-204742

Group Title

SRG-APP-000133

Rule Version

SRG-APP-000133-AS-000093

Severity

CAT II

CCI(s)

• CCI-001499 - The organization limits privileges to change software resident within software libraries.

Weight

10

Fix Recommendation

Configure the application server to automatically rollback to a known good configuration in the event of failed application installations and application server upgrades.

Check Contents

Check the application server documentation and configuration to determine if the application server provides an automated rollback capability to a known good configuration in the event of a failed installation and upgrade.

If the application server is not configured to meet this requirement, this is a finding.

Vulnerability Number

V-204742

Documentable

False

Rule Version

SRG-APP-000133-AS-000093

Severity Override Guidance

Check the application server documentation and configuration to determine if the application server provides an automated rollback capability to a known good configuration in the event of a failed installation and upgrade.

If the application server is not configured to meet this requirement, this is a finding.

Check Content Reference

M

Target Key

2900

Comments