OpenControls Logo

STIG Viewer

ColdFusion must have the Java Runtime Environment (JRE) updated to the latest version.

Overview

Finding IDVersionRule IDIA ControlsSeverity
V-279110APAS-CF-001100SV-279110r1171432_ruleCCI-000366medium
Description
The JRE is a critical component of the ColdFusion server, providing the necessary runtime environment for executing Java applications. Keeping the JRE updated to the latest version is essential for maintaining the security and stability of the server. Outdated versions of the JRE may contain vulnerabilities that can be exploited by attackers to gain unauthorized access, execute arbitrary code, or cause denial of service. Regularly updating the JRE ensures that the server is protected against known vulnerabilities and benefits from the latest security enhancements and performance improvements.
STIGDate
Adobe ColdFusion Security Technical Implementation Guide2025-12-19

Related Frameworks

4 paths across 3 frameworks
NIST 800-531 mapping
CM-6
1.00
  • DISA · V1R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
  • DISA · V1R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
  • DISA · V1R1 · disa_xccdf · related
  • DISA · 2025-01-23 · disa_cci_list · equivalent
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
  • DISA · V1R1 · disa_xccdf · related

Details

Check Text (C-279110r1171432_chk)

Verify JRE. 1. From the Admin Console Landing Screen, navigate to the System Information page by clicking the "i" button on the right side of the top navbar. 2. Review the Java Version and verify it matches the latest version available. If the version is not the latest, this is a finding.

Fix Text (F-83563r1171431_fix)

Install the latest version of the supported JRE. 1. From the Admin Console Landing Screen, navigate to Server Settings >> Java and JVM. 2. Change the "Java Virtual Machine Path" value to the folder with the latest JRE. 3. Select "Submit Changes". 4. Restart ColdFusion.