Limited Use Cases for CIS-CAT Pro Assessor v3

• Utilize version 3.0.76 as previous versions have vulnerabilities in third party dependent libraries. See our informational article for more information: CIS-CAT Pro Assessor v3 Vulnerability updates

• Utilize standard and stable versions of Java Runtime Environment/Java Development Kit (JRE/JDK) or openJDK as defined in the User Guide.

• Migrate vulnerability assessment processes to Assessor v4 as CVE information will no longer be updated in monthly releases

• Perform configuration assessments for CIS Benchmarks officially supported with v3.0.76 and listed in the User Guide in the “Supported Benchmarks” section

  • Future and past CIS Benchmark assessment content may work, but is not guaranteed as no further testing will be performed by CIS for this version.

• Perform configuration assessments using the CIS-CAT Pro Assessor v3 dissolvable bundle (now includes JRE 8 ) or develop custom workflows with Assessor v4 to utilize a shared JRE/JDK

• Produce configuration assessment reports, when required to utilize an official SCAP validated tool

note

The Center for Internet Security’s Support Team will assist Members with questions regarding the availability of CIS-CAT Pro Assessor v3.0.76, but will no longer offer support on the function of the tool.

Keywords; EOL v3 3.0.76

Content by Label