Since upgrading to CIS-CAT Pro Assessor v4.18.0 my Centralized scans are failing with an error related to the 2003 Windows Benchmark

Owned by Amanda McGown, created
Last updated: Jun 22, 2022
1 min read

Product Name

CIS-CAT Pro Assessor

Product Version

v4.18.0+

Date

Jun 22, 2022

 

Problem

I’m getting another error. “\benchmarks\CIS_Microsoft_Windows_Server_2003_Benchmark_v3.1.0-xccdf.xml does not exist.”

Indeed when I inspect the Assessor\benchmarks folder, the Server 2003 benchmark does not exist.

Solution

The 2003 Benchmark call is a current bug with the Assessor v4.18.0 Centralized script. That Benchmark went End of Life this year but was left as a line in the .bat file.

  1. Open in a word editing software the cis-cat-centralized-ccpd.bat or cis-cat-centralized.bat [based on which kind of centralized scan you would like to run]

  2. Navigate to lines 118 & 129 need to be commented out :: so that Assessor skips that check.

    ::SET Benchmark=CIS_Microsoft_Windows_Server_2003_Benchmark_v3.1.0-xccdf.xml :: :: The Benchmark Profile to execute. A list of profiles, delimited by a :: space (" ") can be provided to evaluate multiple profiles. :: :: Note: This value will be overridden if AUTODETECT=1. :: Note: This value will be overridden if a benchmark is specified via :: the command line. :: ::SET Profiles=xccdf_org.cisecurity.benchmarks_profile_Level_1_-_Domain_Controller xccdf_org.cisecurity.benchmarks_profile_Level_1_-_Member_Server

     

  3. Save & close

  4. Try to run the Centralized Assessment again.

 

If this does not resolve the error please:

  1. Clear out any existing Assessor logs

  2. Rerun a fresh Centralized scan

  3. Open a support ticket here: https://cisecurity.org/support

  4. Attach the files listed in this article: Diagnostic / debug information to troubleshoot CIS-CAT PRO Assessor v4 issues.

Keywords; Centralized Scans 2003 CIS_Microsoft_Windows_Server_2003_Benchmark_v3.1.0-xccdf.xml

Content by Label

Copyright © 2022

Center for Internet Security®