STIG ID: SRG-APP-000454-MFP-000343 | SRG: SRG-APP-000454 | Severity: medium | CCI: | Vulnerability Id: V-205589
Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.
Configure the Mainframe Product to remove all upgraded/replaced software components that are no longer required for operation.
Examine inventory of installed software components for the Mainframe Product.
If the Mainframe Product does not remove all upgraded/replaced software components that are no longer required for operation, this is a finding.