The Enterprise Voice, Video, and Messaging Endpoint must be configured with a firmware release supported by the vendor.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-259980 | SRG-NET-000512-VVEP-00101 | SV-259980r948907_rule | CCI-000366 | high |
| Description | ||||
| Operating a device with outdated firmware may leave the device with unmitigated security vulnerabilities. Vendors routinely update and patch firmware to address vulnerabilities. Operating with current supported firmware mitigates the vulnerabilities known by the vendor. | ||||
| STIG | Date | |||
| Enterprise Voice, Video, and Messaging Endpoint Security Requirements Guide | 2024-08-02 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-6
1.00
- DISA · 1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
- DISA · 1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
- DISA · 1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
- DISA · 1 · disa_xccdf · related
Details
Check Text (C-259980r948907_chk)
Verify the firmware release installed on the Enterprise Voice, Video, and Messaging Endpoint is currently supported by the vendor.
If the firmware release installed on the Enterprise Voice, Video, and Messaging Endpoint is not currently supported by the vendor, this is a finding.
Fix Text (F-63618r948906_fix)
Install a currently supported firmware release supplied by the vendor onto the Enterprise Voice, Video, and Messaging Endpoint.