Rule ID
SV-284546r1244959_rule
Version
V1R1
CCIs
Security flaws with software are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (including any contractor to the organization) are required to promptly install security-relevant software updates. Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling must also be addressed expeditiously.
1. Check the vendor portal to obtain the version and release dates for the latest releases. 2. Navigate to Maintenance >> System >> Platform to inspect the version number of the installed release. If software updates are not being installed within 30 days from publication, this is a finding.
Regularly log in to the Ivanti Success Portal to check for new maintenance releases. Back Up Configuration (Pre-Update): 1. Navigate to Maintenance >> Archiving >> Configuration Archive. 2. Select "Save Config As..." and download the binary configuration file. 3. Export User and Admin local databases separately if there are a large number of local accounts. 4. Download and verify the image. 5. Download the appropriate .pkg or system image from Ivanti. 6. Run a SHA-256 checksum on the downloaded file and compare it against the hash provided on the Ivanti download page. Install the Update: 1. Go to Maintenance >> System >> Upgrade. 2. Under "Upload and Install System Software", click "Browse" and select the verified update file. 3. Click "Install". The appliance will automatically reboot. Note: Log the date of the update to show it was completed within the mandated 30-day window.