Forescout must be running an operating system release that is currently supported by the vendor.
An XCCDF Rule
Description
<VulnDiscussion>Network devices running an unsupported operating system lack current security fixes required to mitigate the risks associated with recent vulnerabilities. In Oct 2021, there is plan to make Version 7 end-of-life. This will be stated on the product lifecycle page of the Forescout website. All versions of V8 and above are authorized for use in DoD. Version 8 or later is mandatory after October 2021.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-230953r961863_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Check that Forescout is still running supported operating system versions and that all vulnerability patches and updates have been applied.
Establish and document a procedure that requires the auditing of OS versions and any patches and updates have been applied in accordance with Forescout support website lifecycle page.