V-255891
SV-255891r961677_rule
CAT II
The WebSphere Application Server must remove organization-defined software components after updated versions have been installed.
From: IBM WebSphere Traditional V9.x Security Technical Implementation Guide (V2R1)
Description
By default, when updating WebSphere application server, the older versions of the binaries are saved in case a "roll back" is necessary. Not keeping the older version makes it more difficult for attackers to "revert" back to the older version.
Documentable: false
Check Procedure
Review System Security Plan and system documentation to locate the "IBM InstallationManager" folder.
Default locations are:
UNIX:
/opt/InstallationManager
Windows:
C:\Program Files\InstallationManager
UNIX:
<IMHOME>/eclipse/tools/imcl -c
Select "P" preferences.
Select "3" Files for rollback.
Windows:
<IMHOME>\eclipse\tools\imcl.exe -c
Select "P" preferences.
Select "3" Files for rollback.
If "Save files for rollback" is checked, this is a finding.
Fix Text
Review System Security Plan and system documentation to locate the "IBM InstallationManager" folder.
Default locations are:
UNIX:
/opt/InstallationManager
Windows:
C:\Program Files\InstallationManager
UNIX:
<IMHOME>/eclipse/tools/imcl -c
Select "P" preferences.
Select "3" Files for rollback.
Enter "1" to deselect.
Enter "A" for apply.
Enter "R" to return to Main Menu.
Windows:
<IMHOME>\eclipse\tools\imcl.exe -c
Select "P" preferences.
Select "3" Files for rollback.
Enter "1" to deselect.
Enter "A" for apply.
Enter "R" to return to Main Menu.
CCI Reference
CCI-002617
Created: 2026-04-07 20:08:19
Last Updated: 2026-04-07 20:08:19