1.3 Keep Docker up to date

Information

There are frequent releases for Docker software that address security vulnerabilities, product bugs and bring in new functionality. Keep a tab on these product updates and upgrade as frequently as when new security vulnerabilities are fixed or deemed correct for your organization.

Rationale:

By staying up to date on Docker updates, vulnerabilities in the Docker software can be mitigated. An educated attacker may exploit known vulnerabilities when attempting to attain access or elevate privileges. Not installing regular Docker updates may leave you with running vulnerable Docker software. It might lead to elevation privileges, unauthorized access or other security breaches. Keep a track of new releases and update as necessary.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Keep a track of Docker releases and update as necessary.

Impact:

None.

Default Value:

Not Applicable

See Also

https://workbench.cisecurity.org/files/1476

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-2c.

Plugin: Unix

Control ID: 46a7e7c21ee791c6ba54f2abe58e94165993b617e21dc73c902281dfa145f3f4