Check: SRG-APP-000456-DB-000400
Database SRG:
SRG-APP-000456-DB-000400
(in versions v4 r2 through v4 r1)
Title
DBMS products must be a version supported by the vendor. (Cat I impact)
Discussion
Unsupported commercial and database systems should not be used because fixes to newly identified bugs will not be implemented by the vendor. The lack of support can result in potential vulnerabilities. Systems at unsupported servicing levels or releases will not receive security updates for new vulnerabilities, which leaves them subject to exploitation. When maintenance updates and patches are no longer available, the database software is no longer considered supported and should be upgraded or decommissioned.
Check Content
(DBMS Product, Version) is no longer supported by the vendor. If the system is running (DBMS Product, Version), this is a finding.
Fix Text
Upgrade unsupported DBMS or unsupported components to a supported version of the product.
Additional Identifiers
Rule ID: SV-265854r999381_rule
Vulnerability ID: V-265854
Group Title: SRG-APP-000456
CCIs
Number | Definition |
---|---|
CCI-003376 | Replace system components when support for the components is no longer available from the developer, vendor, or manufacturer. |
Controls
Number | Title |
---|---|
SA-22 | Unsupported System Components |