Documentation - V-222630

V-222630

Application Security and Development Security Technical Implementation Guide

CAT II

Title

The Configuration Management (CM) repository must be properly patched and STIG compliant.

Description

<VulnDiscussion>A Configuration Management (CM) repository is used to manage application code versions and to securely store application code. Failure to properly apply security patches and secure the software Configuration Management system could affect the confidentiality and integrity of the application source-code. Compromise of the Configuration Management system could lead to unauthorized changes to applications including the addition of malware, root kits, back doors, logic bombs or o...

Fix Text (Documentation Requirement)

Patch the CM system when new security patches are made available and apply the relevant STIGs.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel