Documentation - V-279100

V-279100

Adobe ColdFusion Security Technical Implementation Guide

CAT II

Title

ColdFusion must be set to automatically check for updates.

Description

<VulnDiscussion>Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. To configure the software to discover that a new patch is available is important since administrators may be responsible for multiple servers running different applications and services, making it difficult for the administrator to constantly check for updates. Enabling the automatic check informs the adm...

Fix Text (Documentation Requirement)

Configure ColdFusion to check for updates. 1. If the ColdFusion server has access to a patch repository: a. From the Admin Console Landing Screen, navigate to Package Manager >> Settings. b. Enable the "Automatically Check for Updates" option by checking the box. c. Save the configuration. 2. If the ColdFusion server does not have access to a patch repository: a. Develop and maintain documented procedures describing the manual update process. b. Ensure the documentation includes the location where patches and updates will be obtained (e.g., Adobe website, internal repository) and the frequency with which updates will be checked (e.g., weekly, monthly).

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel