Details

As new security vulnerabilities are discovered, the corresponding fixes are implemented by your NGINX software package provider. Installing the latest software version ensures these fixes are available on your system.

Rationale:

Up-to-date software provides the best possible protection against exploitation of security vulnerabilities, such as the execution of malicious code.

Solution

To install the latest NGINX package, run the following command:

yum update nginx -y

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/2275https://workbench.cisecurity.org/files/2275https://workbench.cisecurity.org/files/2275https://workbench.cisecurity.org/files/2275

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Unix.

References

• 800-53|SI-2c.
• CSCv7|3.4
• CSCv7|3.5

Source

• Tenable.com/audits