Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
MariaDB Enterprise 10.x Security Technical Implementation Guide
SRG-APP-000454-DB-000389
SRG-APP-000454-DB-000389
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-APP-000454-DB-000389
1 Rule
<GroupDescription></GroupDescription>
When updates are applied to the MariaDB software, any software components that have been replaced or made unnecessary must be removed.
Medium Severity
<VulnDiscussion>Previous versions of MariaDB components that are not removed from the information system after updates have been installed may be exploited by adversaries. MariaDB may remove older versions of software automatically from the information system. In other cases, manual review and removal will be required. In planning installations and upgrades, organizations must include steps (automated, manual, or both) to identify and remove the outdated modules. A transition period may be necessary when both the old and the new software are required. This should be taken into account in the planning.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>