界: Environment

このセクションには、ソースコード以外のものでも、作成中の製品のセキュリティにとって重要なものがすべて含まれています。この分野が対象とする問題は、ソースコードに直接関係しないため、この分野の他の部分と分けました。

AWS Terraform Misconfiguration: Aurora Auto-Upgrade Disabled

Abstract

構成は、ソフトウェアの自動アップグレードをオフにします。

Explanation

既知のソフトウェアの脆弱性にタイムリーにパッチを適用するソフトウェア自動アップグレードは無効になっています。

References

[1] Standards Mapping - CIS Amazon Web Services Foundations Benchmark Recommendation 2.3.2

[2] Standards Mapping - FIPS200 CM

[3] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection

[4] Standards Mapping - NIST Special Publication 800-53 Revision 4 SI-2 Flaw Remediation (P1)

[5] Standards Mapping - NIST Special Publication 800-53 Revision 5 SI-2 Flaw Remediation

[6] Standards Mapping - OWASP API 2023 API8 Security Misconfiguration

[7] Standards Mapping - OWASP Top 10 2017 A9 Using Components with Known Vulnerabilities

[8] Standards Mapping - OWASP Top 10 2021 A06 Vulnerable and Outdated Components

[9] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.2

[10] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.3.3

[11] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0.1 Requirement 6.3.3

[12] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 10.2 - Threat and Vulnerability Management

[13] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 10.2 - Threat and Vulnerability Management

[14] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 10.2 - Threat and Vulnerability Management, Control Objective C.1.6 - Web Software Components & Services

desc.structural.iac.misconfiguration_auto_upgrade_disabled.base