UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The container platform must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.


Overview

Finding ID Version Rule ID IA Controls Severity
V-233133 SRG-APP-000266-CTR-000625 SV-233133r599613_rule Medium
Description
The container platform is responsible for offering services to users. These services could be across diverse user groups and data types. To protect information about the container platform, services, users, and data, it is important during error message generation to offer enough information to diagnose the error, but not reveal information that needs to be protected.
STIG Date
Container Platform Security Requirements Guide 2020-11-24

Details

Check Text ( C-36069r599612_chk )
Review documentation and logs to determine if the container platform writes sensitive information such as passwords or private keys into the logs and administrative messages.

If the container platform writes sensitive or potentially harmful information into the logs and administrative messages, this is a finding.
Fix Text (F-36037r599036_fix)
Configure the container platform to not write sensitive information into the logs and administrative messages.