Check: CNTR-PC-001440
Palo Alto Networks Prisma Cloud Compute STIG:
CNTR-PC-001440
(in versions v1 r3 through v1 r1)
Title
Prisma Cloud Compute must be running the latest release. (Cat II impact)
Discussion
Prisma Cloud Compute releases are distributed as Docker images. Each release updates or removes components as needed based on the vulnerabilities associated with the component or the functional need of the component.
Check Content
Navigate to the Prisma Cloud Compute Console. In the top right corner, click the bell icon. A banner with the version will display. If there is a newer version, this is a finding.
Fix Text
Upgrade the Prisma Cloud Compute Console and Defenders according to published procedures. https://docs.twistlock.com/docs/compute_edition/upgrade/upgrade_process_self_hosted.html
Additional Identifiers
Rule ID: SV-253549r879825_rule
Vulnerability ID: V-253549
Group Title: SRG-APP-000454-CTR-001110
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-002587 |
The organization documents information system media downgrading actions. |
CCI-002617 |
The organization removes organization-defined software components (e.g., previous versions) after updated versions have been installed. |