Finding messages for the Server Software risk vector:
GOOD
Software version is supported
The software version is up-to-date.
Servers: All
OS-specific software version is supported
The software version is up-to-date for this operating system distribution.
BAD
Version is no longer supported by Microsoft
Microsoft no longer supports this version of IIS.
Server: IIS
Remediation Tips: Update IIS to a supported version. See supported versions.
Software version is unsupported
The installed software is unsupported.
Servers: Apache, PHP, OpenSSH, WordPress
Remediation Tips: Review the list of supported server software and ensure the latest version is installed.
OS-specific software version is unsupported
The detected operating system is up-to-date, but the software version is not the latest available for the installed OS distribution.
Servers: Apache, PHP, and OpenSSH
Remediation Tips: Update to the latest version and restart the associated services.
Version is no longer supported by WordPress
WordPress has released a new version.
Server: WordPress
Remediation Tips: Update WordPress to a supported version. See supported versions.
OS release is unsupported
The OS vendor has released a new version that addresses bugs, stability issues, and vulnerabilities.
Servers: All
Remediation Tips: Ensure that a supported version of the OS distribution is installed. See supported server software.
NEUTRAL
Patch status is unknown
We could not verify the latest security updates have been installed via Windows Update.
Servers: All
OS-specific software version is unknown
We could not verify that the server software has received enterprise support (patches) as the installed OS version could not be detected.
Servers: All
Software version is incomplete
We could not verify that the software version is supported since the server is configured to report an incomplete version. As this is arguably a security best practice, the grade strictly reflects the fact that the software’s support status is unknown.
Servers: All
Support status is unknown
We are unable to determine the security patch status of the installed software.
Servers: All
- September 11, 2023: Published.
Feedback
0 comments
Please sign in to leave a comment.