800-53|SI-2(6)

Title

REMOVAL OF PREVIOUS VERSIONS OF SOFTWARE / FIRMWARE

Description

The organization removes [Assignment: organization-defined software and firmware components] after updated versions have been installed.

Supplemental

Previous versions of software and/or firmware components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software and/or firmware automatically from the information system.

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Parent Title: FLAW REMEDIATION

Family: SYSTEM AND INFORMATION INTEGRITY

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.2.7 Ensure removal of software components after updateUnixCIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
6.3 Ensure removal of software components after updateUnixCIS Amazon Linux 2 STIG v1.0.0 L3
AIX7-00-003028 - AIX must remove all software components after updated versions have been installed.UnixDISA STIG AIX 7.x v3r1
Big Sur - Must remove all software components after updated versions installedUnixNIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Must remove all software components after updated versions installedUnixNIST macOS Catalina v1.5.0 - All Profiles
CD12-00-004300 - When updates are applied to PostgreSQL software, any software components that have been replaced or made unnecessary must be removed.UnixDISA STIG Crunchy Data PostgreSQL OS v3r1
CNTR-R2-001580 Rancher RKE2 must remove old components after updated versions have been installed.UnixDISA Rancher Government Solutions RKE2 STIG v2r2
DKER-EE-004130 - Docker Enterprise older Universal Control Plane (UCP) and Docker Trusted Registry (DTR) images must be removed from all cluster nodes upon upgrading.UnixDISA STIG Docker Enterprise 2.x Linux/Unix v2r2
JRE8-UX-000190 - Oracle JRE 8 must remove previous versions when the latest version is installed.UnixDISA STIG Oracle JRE 8 Unix v1r3
JRE8-WN-000190 - Oracle JRE 8 must remove previous versions when the latest version is installed.WindowsDISA STIG Oracle JRE 8 Windows v2r1
MADB-10-009200 - When updates are applied to the MariaDB software, any software components that have been replaced or made unnecessary must be removed.UnixDISA MariaDB Enterprise 10.x v2r2 OS Linux
MD4X-00-006300 - When updates are applied to MongoDB software, any software components that have been replaced or made unnecessary must be removed.UnixDISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS
MD7X-00-009100 When updates are applied to MongoDB software, any software components that have been replaced or made unnecessary must be removed.UnixDISA MongoDB Enterprise Advanced 7.x STIG v1r1
Monterey - Must remove all software components after updated versions installedUnixNIST macOS Monterey v1.0.0 - All Profiles
OL07-00-020200 - The Oracle Linux operating system must remove all software components after updated versions have been installed.UnixDISA Oracle Linux 7 STIG v3r1
OL08-00-010440 - YUM must remove all software components after updated versions have been installed on OL 8.UnixDISA Oracle Linux 8 STIG v2r2
PGS9-00-004300 - When updates are applied to PostgreSQL software, any software components that have been replaced or made unnecessary must be removed.UnixDISA STIG PostgreSQL 9.x on RHEL OS v2r5
PHTN-30-000066 - The Photon operating system must remove all software components after updated versions have been installed.UnixDISA STIG VMware vSphere 7.0 Photon OS v1r3
PHTN-40-000161 The Photon operating system must remove all software components after updated versions have been installed.UnixDISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1
PHTN-67-000070 - The Photon operating system must remove all software components after updated versions have been installed.UnixDISA STIG VMware vSphere 6.7 Photon OS v1r6
RHEL-07-020200 - The Red Hat Enterprise Linux operating system must remove all software components after updated versions have been installed.UnixDISA Red Hat Enterprise Linux 7 STIG v3r15
RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8.UnixDISA Red Hat Enterprise Linux 8 STIG v2r1
RHEL-09-214035 - RHEL 9 must remove all software components after updated versions have been installed.UnixDISA Red Hat Enterprise Linux 9 STIG v2r2
SLES-12-010570 - The SUSE operating system must remove all outdated software components after updated versions have been installed.UnixDISA SLES 12 STIG v3r1
SLES-15-010560 - The SUSE operating system must remove all outdated software components after updated versions have been installed.UnixDISA SLES 15 STIG v2r2
SQL6-D0-012700 - When updates are applied to SQL Server software, any software components that have been replaced or made unnecessary must be removed.MS_SQLDBDISA STIG SQL Server 2016 Instance DB Audit v3r2
UBTU-16-010570 - Advance package Tool (APT) must remove all software components after updated versions have been installed.UnixDISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010017 - The Ubuntu operating system must be configured so that Advance package Tool (APT) removes all software components after updated versions have been installed.UnixDISA STIG Ubuntu 18.04 LTS v2r15
UBTU-20-010449 - The Ubuntu operating system must be configured so that Advance Package Tool (APT) removes all software components after updated versions have been installed.UnixDISA STIG Ubuntu 20.04 LTS v2r1
UBTU-22-214015 - Ubuntu 22.04 LTS must be configured so that the Advance Package Tool (APT) removes all software components after updated versions have been installed.UnixDISA STIG Canonical Ubuntu 22.04 LTS v2r2
WBSP-AS-001740 - The WebSphere Application Server must remove organization-defined software components after updated versions installed.UnixDISA IBM WebSphere Traditional 9 STIG v1r1
WBSP-AS-001740 - The WebSphere Application Server must remove organization-defined software components after updated versions installed.UnixDISA IBM WebSphere Traditional 9 STIG v1r1 Middleware
WBSP-AS-001740 - The WebSphere Application Server must remove organization-defined software components after updated versions installed.WindowsDISA IBM WebSphere Traditional 9 Windows STIG v1r1