V-233290 | High | The container platform must prohibit or restrict the use of protocols that transmit unencrypted authentication information or use flawed cryptographic algorithms for transmission. | The use of secure ports, protocols and services within the container platform must be controlled and conform to the PPSM CAL. Those ports, protocols, and services that fall outside the PPSM CAL... |
V-233096 | High | For accounts using password authentication, the container platform must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process. | Passwords need to be protected on entry, in transmission, during authentication, and when stored. If compromised at any of these security points, a nefarious user can use the password along with... |
V-233185 | High | The container platform runtime must prohibit the instantiation of container images without explicit privileged status. | Controlling access to those users and roles responsible for container image instantiation reduces the risk that untested or potentially malicious containers are executed within the platform... |
V-233289 | High | The container platform must use a FIPS-validated cryptographic module to implement encryption services for unclassified information requiring confidentiality. | Unvalidated cryptography is viewed by NIST as providing no protection to the information or data. In effect, the data would be considered unprotected plaintext. If the agency specifies that the... |
V-233118 | High | The container platform must protect authenticity of communications sessions with the use of FIPS-validated 140-2 or 140-3 security requirements for cryptographic modules. | The container platform is responsible for pulling images from trusted sources and placing those images into its registry. To protect the transmission of images, the container platform must use... |
V-233058 | Medium | The container platform must protect audit information from unauthorized deletion. | If audit data were to become compromised, then forensic analysis and discovery of the true source of potentially malicious system activity would be impossible to achieve. To ensure the veracity... |
V-233088 | Medium | The container platform must enforce a minimum 15-character password length. | The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised. Password complexity, or strength, is a measure of the... |
V-233057 | Medium | The container platform must protect audit information from unauthorized modification. | If audit data were to become compromised, then forensic analysis and discovery of the true source of potentially malicious system activity would be impossible to achieve. To ensure the veracity... |
V-233133 | Medium | The container platform must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | The container platform is responsible for offering services to users. These services could be across diverse user groups and data types. To protect information about the container platform,... |
V-233021 | Medium | The container platform must automatically disable accounts after a 35-day period of account inactivity. | Attackers that are able to exploit an inactive account can potentially obtain and maintain undetected access to an application. Owners of inactive accounts will not notice if unauthorized access... |
V-233020 | Medium | The container platform must automatically remove or disable temporary user accounts after 72 hours. | If temporary user accounts remain active when no longer needed or for an excessive period, these accounts may be used to gain unauthorized access. To mitigate this risk, automated termination of... |
V-233023 | Medium | The container platform must automatically audit account modification. | Once an attacker establishes access to a system, the attacker often attempts to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to modify an... |
V-233022 | Medium | The container platform must automatically audit account creation. | Once an attacker establishes access to a system, the attacker often attempts to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to create a new... |
V-233025 | Medium | The container platform must automatically audit account removal actions. | When application accounts are removed, user accessibility is affected. Once an attacker establishes access to an application, the attacker often attempts to remove authorized accounts to disrupt... |
V-233024 | Medium | The container platform must automatically audit account-disabling actions. | When application accounts are disabled, user accessibility is affected. Once an attacker establishes access to an application, the attacker often attempts to disable authorized accounts to disrupt... |
V-233027 | Medium | Least privilege access and need to know must be required to access the container platform runtime. | The container platform runtime is used to instantiate containers. If this process is accessed by those persons who are not authorized, those containers offering services can be brought to a denial... |
V-233026 | Medium | Least privilege access and need to know must be required to access the container platform registry. | The container platform registry is used to store images and is the keeper of truth for trusted images within the platform. To guarantee the images' integrity, access to the registry must be limited... |
V-233029 | Medium | The container platform must enforce approved authorizations for controlling the flow of information within the container platform based on organization-defined information flow control policies. | Controlling information flow between the container platform components and container user services instantiated by the container platform must enforce organization-defined information flow... |
V-233028 | Medium | Least privilege access and need to know must be required to access the container platform keystore. | The container platform keystore is used to store access keys and tokens for trusted access to and from the container platform. The keystore gives the container platform a method to store the... |
V-233041 | Medium | The container platform must initiate session auditing upon startup. | When the container platform is started, container platform components and user services can also be started. It is important that the container platform begin auditing on startup in order to... |
V-233211 | Medium | The container platform must implement NSA-approved cryptography to protect classified information in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data and images. The container platform must implement cryptographic modules adhering to... |
V-233095 | Medium | For container platforms using password authentication, the application must store only cryptographic representations of passwords. | Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read and easily compromised. Use of... |
V-233102 | Medium | The container platform must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals. | To prevent the compromise of authentication information such as passwords during the authentication process, the feedback from the container platform and its components, e.g., runtime, registry,... |
V-233101 | Medium | The container platform must map the authenticated identity to the individual user or group account for PKI-based authentication. | The container platform and its components may require authentication before use. When the authentication is PKI-based, the container platform or component must map the certificate to a user... |
V-233106 | Medium | The container platform must employ strong authenticators in the establishment of non-local maintenance and diagnostic sessions. | If maintenance tools are used by unauthorized personnel, they may accidentally or intentionally damage or compromise the system. The act of managing systems and applications includes the ability... |
V-233105 | Medium | The container platform must provide an audit reduction capability that supports on-demand reporting requirements. | The ability to generate on-demand reports, including after the audit data has been subjected to audit reduction, greatly facilitates the organization's ability to generate incident reports as... |
V-233108 | Medium | The application must terminate all network connections associated with a communications session at the end of the session, or as follows: for in-band management sessions (privileged sessions), the session must be terminated after 10 minutes of inactivity; | Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port... |
V-233097 | Medium | The container platform must enforce 24 hours (one day) as the minimum password lifetime. | Enforcing a minimum password lifetime helps prevent repeated password changes to defeat the password reuse or history enforcement requirement. Restricting this setting limits the user's ability... |
V-233019 | Medium | The container platform must use a centralized user management solution to support account management functions. | Enterprise environments make application account management challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other error. A... |
V-233222 | Medium | The container platform must protect against or limit the effects of all types of denial-of-service (DoS) attacks by employing organization-defined security safeguards. | DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity. This... |
V-233056 | Medium | The container platform must protect audit information from any type of unauthorized read access. | If audit data were to become compromised, then competent forensic analysis and discovery of the true source of potentially malicious system activity is difficult if not impossible to achieve. In... |
V-233220 | Medium | The container platform keystore must implement encryption to prevent unauthorized disclosure of information at rest within the container platform. | The container platform keystore is used for container deployments for persistent storage of all its REST API objects. These objects are sensitive in nature and should be encrypted at rest to avoid any... |
V-233227 | Medium | The container platform must maintain the confidentiality and integrity of information during reception. | Information can be unintentionally or maliciously disclosed or modified during reception within the container platform during aggregation, at protocol transformation points,... |
V-233049 | Medium | The container platform must generate audit records containing the full-text recording of privileged commands or the individual identities of group account users. | During an investigation of an incident, it is important to fully understand what took place. Often, information is not part of the audited event due to the data's nature, security risk, or audit... |
V-233052 | Medium | The container platform components must provide the ability to send audit logs to a central enterprise repository for review and analysis. | The container platform components must send audit events to a central managed audit log repository to provide reporting, analysis, and alert notification. Incident response relies on successful... |
V-233224 | Medium | The application must protect the confidentiality and integrity of transmitted information. | Without protection of the transmitted information, confidentiality and integrity may be compromised since unprotected communications can be intercepted and either read or altered. This... |
V-233182 | Medium | The container platform must record time stamps for audit records that meet a granularity of one second for a minimum degree of precision. | To properly investigate an event, it is important to have enough granularity within the time stamps to determine the chronological order of the audited events. Without this granularity, events may... |
V-233229 | Medium | The container platform must implement organization-defined security safeguards to protect system CPU and memory from resource depletion and unauthorized code execution. | The execution of images within the container platform runtime must implement organization-defined security safeguards to prevent distributed denial-of-service (DDoS) and other possible attacks... |
V-233048 | Medium | All audit records must identify any containers associated with the event within the container platform. | Without information that establishes the identity of the containers offering user services or running on behalf of a user within the platform associated with audit events, security personnel... |
V-233186 | Medium | The container platform registry must prohibit installation or modification of container images without explicit privileged status. | Controlling access to those users and roles that perform container platform registry functions reduces the risk that untested or potentially malicious containers are introduced into the... |
V-233059 | Medium | The container platform must protect audit tools from unauthorized access. | Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on... |
V-233184 | Medium | The container platform must prohibit the installation of patches and updates without explicit privileged status. | Controlling access to those users and roles responsible for patching and updating the container platform reduces the risk that untested or potentially malicious software is installed within... |
V-233285 | Medium | The container platform must use FIPS-validated SHA-2 or higher hash function for digital signature generation and verification (non-legacy use). | Without the use of digital signatures, information can be altered by unauthorized accounts accessing or modifying the container platform registry, keystore, and container at runtime. Digital... |
V-233284 | Medium | The container platform must validate certificates used for Transport Layer Security (TLS) functions by performing an RFC 5280-compliant certification path validation. | A certification path is the path from the end entity certificate to a trusted root certification authority (CA). Certification path validation is necessary for a relying party to make an informed... |
V-233123 | Medium | The container platform must preserve any information necessary to determine the cause of the disruption or failure. | When a failure occurs within the container platform, preserving the state of the container platform and its components, along with other container services, helps to facilitate container platform... |
V-233114 | Medium | The container platform must separate user functionality (including user interface services) from information system management functionality. | Separating user functionality from management functionality is a requirement for all the components within the container platform. Without the separation, users may have access to management... |
V-233252 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to access security objects occur. | The container platform and its components must generate audit records when successful and unsuccessful attempts to access security objects occur. All the components must use the same standard so that the... |
V-233055 | Medium | The container platform must use internal system clocks to generate audit record time stamps. | Understanding when events occurred and in what sequence is crucial to understanding what may have taken place during an incident. Without a common clock, the components generating audit events could be out of... |
V-233047 | Medium | All audit records must identify any users associated with the event within the container platform. | Without information that establishes the identity of the user associated with the events, security personnel cannot determine responsibility for the potentially harmful event. |
V-233046 | Medium | All audit records must generate the event results within the container platform. | Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents,... |
V-233045 | Medium | All audit records must identify the source of the event within the container platform. | Audit data is important when there are issues, to include security incidents that must be investigated. Since the audit data may be part of a larger audit system, it is important for the audit... |
V-233044 | Medium | All audit records must identify where in the container platform the event occurred. | Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents,... |
V-233043 | Medium | The container platform audit records must have a date and time association with all events. | Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents,... |
V-233042 | Medium | All audit records must identify what type of event has occurred within the container platform. | Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents,... |
V-233210 | Medium | Vulnerability scanning applications must implement privileged access authorization to all container platform components, containers, and container images for selected organization-defined vulnerability scanning activities. | In certain situations, the nature of the vulnerability scanning may be more intrusive, or the container platform component that is the subject of the scanning may contain highly sensitive... |
V-233040 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to access privileges occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an... |
V-233195 | Medium | The container platform must be configured to use multi-factor authentication for user authentication. | Controlling access to the container platform and its components is paramount in having a secure and stable system. Validating users is the first step in controlling the access. Users may be... |
V-233194 | Medium | The container platform must require devices to reauthenticate when organization-defined circumstances or situations require reauthentication. | The container platform may require external devices be used to fully orchestrate the services needed for users. Examples would be storage or external servers. Without reauthentication,... |
V-233191 | Medium | The container platform must prevent component execution in accordance with organization-defined policies regarding software program usage and restrictions, and/or rules authorizing the terms and conditions of software program usage. | The container platform may offer components such as DNS services, firewall services, router services, or web services that are not required by every organization to meet their needs. Container... |
V-233190 | Medium | All non-essential, unnecessary, and unsecure DoD ports, protocols, and services must be disabled in the container platform. | To properly offer services to the user and to orchestrate containers, the container platform may offer services that use ports and protocols that best fit those services. The container platform,... |
V-233193 | Medium | The container platform must require users to reauthenticate when organization-defined circumstances or situations require reauthentication. | Controlling user access is paramount in securing the container platform. During a user's access to the container platform, events may occur that change the user's access and which require... |
V-233192 | Medium | The container platform registry must employ a deny-all, permit-by-exception (whitelist) policy to allow only authorized container images in the container platform. | Controlling the sources where container images can be pulled from allows the organization to define what software can be run within the container platform. Allowing any container image to be... |
V-233208 | Medium | The container platform must configure web management tools and Application Program Interfaces (API) with FIPS-validated Advanced Encryption Standard (AES) cipher block algorithm to protect the confidentiality of maintenance and diagnostic communications for nonlocal maintenance sessions. | Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Nonlocal maintenance and diagnostic activities are... |
V-233078 | Medium | The container platform application program interface (API) must uniquely identify and authenticate processes acting on behalf of the users. | The container platform API can be used to perform any task within the platform. Often, the API is used to create tasks that perform some kind of maintenance task and run without user interaction.... |
V-233079 | Medium | The container platform must use multifactor authentication for network access to privileged accounts. | Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased. Multifactor authentication requires using two or more factors to achieve... |
V-233221 | Medium | The container platform runtime must maintain separate execution domains for each container by assigning each container a separate address space. | Container namespace access is limited upon runtime execution. Each container is a distinct process so that communication between containers is performed in a manner controlled through security... |
V-233072 | Medium | The container platform registry must contain only container images for those capabilities being offered by the container platform. | Allowing container images to reside within the container platform registry that are not essential to the capabilities being offered by the container platform becomes a potential security risk. By... |
V-233073 | Medium | The container platform runtime must enforce ports, protocols, and services that adhere to the PPSM CAL. | Ports, protocols, and services within the container platform runtime must be controlled and conform to the PPSM CAL. Those ports, protocols, and services that fall outside the PPSM CAL must be... |
V-233070 | Medium | Authentication files for the container platform must be protected. | The secure configuration of the container platform must be protected by disallowing changes to be implemented by non-privileged users. Changes to the container platform can introduce security... |
V-233071 | Medium | The container platform must be configured with only essential configurations. | The container platform can be built with components that are not used for the intended purpose of the organization. To limit the attack surface of the container platform, it is essential that the... |
V-233076 | Medium | The container platform application program interface (API) must uniquely identify and authenticate users. | The container platform requires user accounts to perform container platform tasks. These tasks are often performed through the container platform API. Protecting the API from users who are not... |
V-233077 | Medium | The container platform must uniquely identify and authenticate processes acting on behalf of the users. | The container platform will instantiate a container image and use the user privileges given to the user used to execute the container. To ensure accountability and prevent unauthenticated access... |
V-233074 | Medium | The container platform runtime must enforce the use of ports that are non-privileged. | Privileged ports are those ports below 1024 and that require system privileges for their use. If containers are able to use these ports, the container must be run as a privileged user. The... |
V-233075 | Medium | The container platform must uniquely identify and authenticate users. | The container platform requires user accounts to perform container platform tasks. These tasks may pertain to the overall container platform or may be component-specific, thus requiring users to... |
V-233189 | Medium | The container platform must enforce access restrictions and support auditing of the enforcement actions. | Auditing the enforcement of access restrictions against changes to the container platform helps identify attacks and provides forensic data for investigation for after-the-fact actions. Attempts... |
V-233065 | Medium | The container platform must verify container images. | The container platform must be capable of validating that container images are signed and that the digital signature is from a recognized source approved by the organization. Allowing any... |
V-233162 | Medium | The container platform must prevent non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | Controlling which users can perform privileged functions prevents unauthorized users from performing tasks that may expose data or degrade the container platform. When users are not segregated into... |
V-233163 | Medium | Container images instantiated by the container platform must execute using least privileges. | Containers running within the container platform must execute as non-privileged. When a container can execute as a privileged container, the privileged container is also a privileged user within... |
V-233164 | Medium | The container platform must audit the execution of privileged functions. | Privileged functions within the container platform can be component specific or can envelop the entire container platform. Because of the nature of the commands, it is important to understand... |
V-233165 | Medium | The container platform must automatically lock an account until the locked account is released by an administrator when three unsuccessful login attempts in 15 minutes are exceeded. | By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account. |
V-233166 | Medium | The container platform must provide the configuration for organization-identified individuals or roles to change the auditing to be performed on all components, based on all selectable event criteria within organization-defined time thresholds. | Auditing requirements may change per organization or situation within an organization. With the container platform allowing an organization to customize the auditing, an organization can decide... |
V-233064 | Medium | The container platform must be built from verified packages. | It is important to patch and upgrade the container platform when patches and upgrades are available. More important is to get these patches and upgrades from a known source. To validate the... |
V-233168 | Medium | The container platform must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | In order to ensure applications have a sufficient storage capacity in which to write the audit logs, applications need to be able to allocate audit record storage capacity. The task of allocating... |
V-233169 | Medium | Audit records must be stored at a secondary location. | Auditable events are used in the investigation of incidents and must be protected from being deleted or altered. Often, events that took place in the past must be viewed to understand the entire... |
V-233067 | Medium | The container platform must limit privileges to the container platform runtime. | To control what is instantiated within the container platform, it is important to control access to the runtime. Without this control, container platform specific services and customer services... |
V-233061 | Medium | The container platform must protect audit tools from unauthorized deletion. | Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on... |
V-233060 | Medium | The container platform must protect audit tools from unauthorized modification. | Protecting audit data also includes identifying and protecting the tools used to view and manipulate log data. Therefore, protecting audit tools is necessary to prevent unauthorized operation on... |
V-233273 | Medium | Container platform components must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including SRGs, STIGs, NSA configuration guides, CTOs, and DTMs. | Container platform components are part of the overall container platform, offering services that enable the container platform to fully orchestrate user containers. These components may fall... |
V-233230 | Medium | The container platform must remove old components after updated versions have been installed. | Previous versions of container platform components that are not removed from the container platform after updates have been installed may be exploited by adversaries by causing older components to... |
V-233069 | Medium | Configuration files for the container platform must be protected. | The secure configuration of the container platform must be protected by disallowing changes to be implemented by non-privileged users. Changes to the container platform can introduce security... |
V-233068 | Medium | The container platform must limit privileges to the container platform keystore. | The container platform keystore is used to store credentials used to build a trust between the container platform and some external source. This trust relationship is authorized by the... |
V-233231 | Medium | The container platform registry must remove old container images after updated versions have been made available. | Obsolete and stale images need to be removed from the registry to ensure the container platform maintains a secure posture. While the storing of these images does not directly pose a threat, they... |
V-233274 | Medium | The container platform must be able to store and instantiate industry standard container images. | Monitoring the container images and containers during their lifecycle is important to guarantee the container platform is secure. To monitor the containers and images, security tools can be put in... |
V-233275 | Medium | The container platform must continuously scan components, containers, and images for vulnerabilities. | Finding vulnerabilities quickly within the container platform and within containers deployed within the platform is important to keep the overall platform secure. When a vulnerability within a... |
V-233276 | Medium | The container platform must prohibit communication using TLS versions 1.0 and 1.1, and SSL 2.0 and 3.0. | The container platform and its components will prohibit the use of SSL and unauthorized versions of TLS protocols to properly secure communication. The use of unsupported protocols exposes... |
V-233066 | Medium | The container platform must limit privileges to the container platform registry. | To control what is instantiated within the container platform, it is important to control access to the registry. Without this control, container images can be introduced and instantiated by... |
V-233270 | Medium | The container runtime must generate audit records for all container execution, shutdown, restart events, and program initiations. | The container runtime must generate audit records that are specific to the security and mission needs of the organization. Without audit records, it would be difficult to establish, correlate, and... |
V-233271 | Medium | The container platform must use a valid FIPS 140-2 approved cryptographic module to generate hashes. | The cryptographic module used must have at least one validated hash algorithm. This validated hash algorithm must be used to generate cryptographic hashes for all cryptographic security function... |
V-233063 | Medium | The container platform must use FIPS validated cryptographic mechanisms to protect the integrity of log information. | To fully investigate an incident and to have trust in the audit data that is generated, it is important to put in place data protections. Without integrity protections, unauthorized changes may be... |
V-233051 | Medium | The container platform must take appropriate action upon an audit failure. | It is critical that when the container platform is at risk of failing to process audit logs as required that it take action to mitigate the failure. Audit processing failures include... |
V-233171 | Medium | The container platform must provide an immediate real-time alert to the SA and ISSO, at a minimum, of all audit failure events requiring real-time alerts. | It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an... |
V-233199 | Medium | The container platform must allow the use of a temporary password for system logons with an immediate change to a permanent password. | Without providing this capability, an account may be created without a password. Non-repudiation cannot be guaranteed once an account is created if a user is not forced to change the temporary... |
V-233234 | Medium | The container platform runtime must have updates installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs). | The container platform runtime must be carefully monitored for vulnerabilities, and when problems are detected, they must be remediated quickly. A vulnerable runtime exposes all containers it... |
V-233226 | Medium | The container platform must maintain the confidentiality and integrity of information during preparation for transmission. | Information may be unintentionally or maliciously disclosed or modified during preparation for transmission within the container platform during aggregation, at protocol transformation points, and... |
V-233158 | Medium | The container platform must notify system administrator and ISSO of account enabling actions. | Once an attacker establishes access to an application, the attacker often attempts to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to simply... |
V-233129 | Medium | The container platform must restrict individuals' ability to launch organizationally defined denial-of-service (DoS) attacks against other information systems. | The container platform will offer services to users and these services share resources available on the hosting system. To share the resources in a manner that does not exhaust or overutilize... |
V-233090 | Medium | The container platform must enforce password complexity by requiring that at least one uppercase character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in... |
V-233091 | Medium | The container platform must enforce password complexity by requiring that at least one lowercase character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in... |
V-233092 | Medium | The container platform must enforce password complexity by requiring that at least one numeric character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in... |
V-233093 | Medium | The container platform must enforce password complexity by requiring that at least one special character be used. | Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in... |
V-233094 | Medium | The container platform must require the change of at least 15 of the total number of characters when passwords are changed. | If the application allows the user to consecutively reuse extensive portions of passwords, this increases the chances of password compromise by increasing the window of opportunity for attempts at... |
V-233188 | Medium | The container platform must enforce access restrictions for container platform configuration changes. | Configuration changes cause the container platform to change the way it operates. These changes can be used to improve the system with added features or performance, but these configuration... |
V-233269 | Medium | The container platform must generate audit records for all account creations, modifications, disabling, and termination events. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an... |
V-233268 | Medium | Direct access to the container platform must generate audit records. | Direct access to the container platform and its components must generate audit records. All the components must use the same standard so that the events can be tied together to understand what... |
V-233267 | Medium | The container platform runtime must generate audit records when successful/unsuccessful attempts to access objects occur. | Container platform runtime objects are defined as configuration files, code, etc. This provides the ability to configure resources and software parameters prior to image execution from the... |
V-233266 | Medium | The container platform must generate audit records when concurrent logons from different workstations and systems occur. | The container platform and its components must generate audit records for concurrent logons from workstations performing remote maintenance, runtime instances, connectivity to the container registry,... |
V-233265 | Medium | The container platform audit records must record user access start and end times. | The container platform must generate audit records showing start and end times for users and services acting on behalf of a user accessing the registry and keystore. These components must use the... |
V-233264 | Medium | The container platform must generate audit records for privileged activities. | The container platform components will generate audit records for privileged activities, and the container platform runtime, registry, and keystore must generate access audit records to detect possible... |
V-233263 | Medium | The container platform must generate audit records when successful/unsuccessful logon attempts occur. | The container platform and its components must generate audit records when successful and unsuccessful logon attempts occur. The information system can determine if an account is compromised or is... |
V-233262 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to delete categories of information (e.g., classification levels) occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an... |
V-233261 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to delete security objects occur. | Unauthorized users could modify the security levels to exploit vulnerabilities within the container platform component. All the components must use the same standard so that the events can be tied... |
V-233260 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to delete security levels occur. | The container platform and its components must generate audit records when deleting security levels. All the components must use the same standard so that the events can be tied together to... |
V-233146 | Medium | The container platform must notify system administrators and ISSO for account removal actions. | When application accounts are removed, user accessibility is affected. Accounts are utilized for identifying users or for identifying the application processes themselves. Sending notification of... |
V-233201 | Medium | The container platform, for PKI-based authentication, must implement a local cache of revocation data to support path discovery and validation in case of the inability to access revocation information via the network. | The potential of allowing access to users who are no longer authorized (have revoked certificates) increases unless a local cache of revocation data is configured. |
V-233144 | Medium | The container platform must notify system administrators and ISSO when accounts are modified. | When application accounts are modified, user accessibility is affected. Accounts are utilized for identifying individual users or for identifying the application processes themselves. Sending... |
V-233145 | Medium | The container platform must notify system administrators and ISSO for account disabling actions. | When application accounts are disabled, user accessibility is affected. Accounts are utilized for identifying individual users or for identifying the application processes themselves. Sending... |
V-233142 | Medium | The container platform must use cryptographic mechanisms to protect the integrity of audit tools. | Protecting the integrity of the tools used for auditing purposes is a critical step to ensuring the integrity of audit data. Audit data includes all information (e.g., audit records, audit... |
V-233143 | Medium | The container platform must notify system administrators and ISSO when accounts are created. | Once an attacker establishes access to an application, the attacker often attempts to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to simply... |
V-233200 | Medium | The container platform must prohibit the use of cached authenticators after an organization-defined time period. | If cached authentication information is out of date, the validity of the authentication information may be questionable. |
V-233015 | Medium | The container platform must use TLS 1.2 or greater for secure container image transport from trusted sources. | The authenticity and integrity of the container image during the container image lifecycle is part of the overall security posture of the container platform. This begins with the container image... |
V-233016 | Medium | The container platform must use TLS 1.2 or greater for secure communication. | The authenticity and integrity of the container platform and communication between nodes and components must be secure. If an insecure protocol is used during transmission of data, the data can be... |
V-233233 | Medium | The container platform registry must contain the latest images with most recent updates and execute within the container platform runtime as authorized by IAVM, CTOs, DTMs, and STIGs. | Software supporting the container platform and images in the registry must stay up to date with the latest patches, service packs, and hot fixes. Not updating the container platform and container... |
V-233202 | Medium | The container platform must accept Personal Identity Verification (PIV) credentials from other federal agencies. | Controlling access to the container platform and its components is paramount in having a secure and stable system. Validating users is the first step in controlling the access. Users may be... |
V-233207 | Medium | Container platform applications and Application Program Interfaces (API) used for nonlocal maintenance sessions must use FIPS-validated keyed-hash message authentication code (HMAC) to protect the integrity of nonlocal maintenance and diagnostic communications. | Unapproved mechanisms that are used for authentication to the cryptographic module are not verified, and therefore cannot be relied on to provide confidentiality or integrity, and DoD data may be... |
V-233206 | Medium | The container platform must audit non-local maintenance and diagnostic sessions' organization-defined audit events associated with non-local maintenance. | To fully investigate an attack, it is important to understand the event and those events taking place during the same time period. Often, non-local administrative access and diagnostic sessions... |
V-233181 | Medium | All audit records must use UTC or GMT time stamps. | The container platform and its components must generate audit records using either Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) time stamps, or local time with an offset from UTC. All... |
V-233253 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to access security levels occur. | Unauthorized users could access the security levels to exploit vulnerabilities within the container platform component. All the components must use the same standard so that the events can be tied... |
V-233081 | Medium | The container platform must use multifactor authentication for local access to privileged accounts. | To ensure accountability and prevent unauthenticated access, privileged users must utilize multifactor authentication to prevent potential misuse and compromise of the system. Multifactor... |
V-233080 | Medium | The container platform must use multifactor authentication for network access to non-privileged accounts. | To ensure accountability and prevent unauthenticated access, non-privileged users must utilize multifactor authentication to prevent potential misuse and compromise of the system. Multifactor... |
V-233087 | Medium | The container platform must disable identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | Inactive identifiers pose a risk to systems and applications. Attackers that are able to exploit an inactive identifier can potentially obtain and maintain undetected access to the application.... |
V-233086 | Medium | The container platform must uniquely identify all network-connected nodes before establishing any connection. | A container platform usually consists of multiple nodes. It is important for these nodes to be uniquely identified before a connection is allowed. Without identifying the nodes, unidentified or... |
V-233254 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to access categories of information (e.g., classification levels) occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an... |
V-233255 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to modify privileges occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an... |
V-233089 | Medium | The container platform must prohibit password reuse for a minimum of 10 generations. | Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. To meet password policy requirements, passwords need... |
V-233259 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to delete privileges occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an... |
V-233155 | Medium | The container platform must terminate shared/group account credentials when members leave the group. | If shared/group account credentials are not terminated when individuals leave the group, the user that left the group can still gain access even though they are no longer authorized. A... |
V-233157 | Medium | The container platform must automatically audit account-enabling actions. | Once an attacker establishes access to an application, the attacker often attempts to create a persistent method of re-establishing access. One way to accomplish this is for the attacker to simply... |
V-233156 | Medium | The container platform must enforce organization-defined circumstances and/or usage conditions for organization-defined accounts. | Activity under unusual conditions can indicate hostile activity. For example, what is normal activity during business hours can indicate hostile activity if it occurs during off hours. Depending... |
V-233083 | Medium | The container platform must ensure users are authenticated with an individual authenticator prior to using a group authenticator. | To ensure individual accountability and prevent unauthorized access, application users must be individually identified and authenticated. Individual accountability mandates that each user be... |
V-233082 | Medium | The container platform must use multifactor authentication for local access to non-privileged accounts. | To ensure accountability, prevent unauthenticated access, and prevent misuse of the system, non-privileged users must utilize multifactor authentication for local access. Multifactor... |
V-233256 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to modify security objects occur. | The container platform and its components must generate audit records when modifying security objects. All the components must use the same standard so that the events can be tied together to... |
V-233257 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to modify security levels occur. | Unauthorized users could modify the security levels to exploit vulnerabilities within the container platform component. All the components must use the same standard so that the events can be tied... |
V-233244 | Medium | The container platform must provide system notifications to the system administrator and operational staff when anomalies in the operation of the organization-defined security functions are discovered. | If anomalies are not acted upon, security functions may fail to secure the container within the container platform runtime. Security functions are responsible for enforcing the system security... |
V-233128 | Medium | The container platform must prevent unauthorized and unintended information transfer via shared system resources. | The container platform makes host system resources available to container services. These shared resources, such as the host system kernel, network connections, and storage, must be protected to... |
V-233085 | Medium | The container platform must implement replay-resistant authentication mechanisms for network access to non-privileged accounts. | A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authenticator and the application validating the user credentials must not be... |
V-233243 | Medium | The container platform must perform verification of the correct operation of security functions: upon system startup and/or restart; upon command by a user with privileged access; and/or every 30 days. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters. | Without verification, security functions may not operate correctly and this failure may go unnoticed within the container platform. Security functions are responsible for enforcing the system... |
V-233242 | Medium | The organization-defined role must verify correct operation of security functions in the container platform. | Without verification, security functions may not operate correctly and this failure may go unnoticed within the container platform. The container platform components must identify and ensure the... |
V-233125 | Medium | The container platform runtime must isolate security functions from non-security functions. | The container platform runtime must be configured to isolate those services used for security functions from those used for non-security functions. This separation can be performed using... |
V-233126 | Medium | The container platform must never automatically remove or disable emergency accounts. | Emergency accounts are administrator accounts that are established in response to crisis situations where the need for rapid account activation is required. Therefore, emergency account activation... |
V-233084 | Medium | The container platform must use FIPS-validated SHA-1 or higher hash function to provide replay-resistant authentication mechanisms for network access to privileged accounts. | A replay attack may enable an unauthorized user to gain access to the application. Authentication sessions between the authenticator and the application validating the user credentials must not be... |
V-233122 | Medium | The container platform runtime must fail to a secure state if system initialization fails, shutdown fails, or aborts fail. | The container platform offers services for container image orchestration and services for users. If any of these services were to fail into an insecure state, security measures for user and data... |
V-233170 | Medium | The container platform must provide an immediate warning to the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75 percent of repository maximum audit record storage capacity. | If security personnel are not notified immediately upon storage volume utilization reaching 75 percent, they are unable to plan for storage capacity expansion. |
V-233098 | Medium | The container platform must enforce a 60-day maximum password lifetime restriction. | Any password, no matter how complex, can eventually be cracked. Therefore, passwords need to be changed at specific intervals. One method of minimizing this risk is to use complex passwords and... |
V-233228 | Medium | The container platform must behave in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received. | Software or code parameters typically follow well-defined protocols that use structured messages (i.e., commands or queries) to communicate between software modules or system components.... |
V-233038 | Medium | The container platform must generate audit records for all DoD-defined auditable events within all components in the platform. | Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, including security incidents... |
V-233039 | Medium | The container platform must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | Without the capability to restrict which roles and individuals can select which events are audited, unauthorized personnel may be able to prevent the auditing of critical events. Misconfigured... |
V-233031 | Medium | The container platform must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. | By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account. |
V-233258 | Medium | The container platform must generate audit records when successful/unsuccessful attempts to modify categories of information (e.g., classification levels) occur. | Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an... |
V-233030 | Medium | The container platform must enforce approved authorizations for controlling the flow of information between interconnected systems and services based on organization-defined information flow control policies. | Controlling information flow between the container platform components and container user services instantiated by the container platform must enforce organization-defined information flow... |
V-233127 | Medium | The container platform must prohibit containers from accessing privileged resources. | Container images instantiated within the container platform may request access to host system resources. Access to privileged resources can allow for unauthorized and unintended transfer of... |
V-233033 | Low | The container platform must retain the Standard Mandatory DoD Notice and Consent Banner on the screen until users acknowledge the usage and conditions and take explicit actions to log on for further access. | The banner must be acknowledged by the user prior to allowing the user access to any container platform component. This provides assurance that the user has seen the message and accepted the... |
V-233149 | Low | Access to the container platform must display an explicit logout message to users indicating the reliable termination of authenticated communication sessions. | Access to the container platform will occur through web and terminal sessions. Any web interfaces must conform to application and web security requirements. Terminal access to the container... |
V-233032 | Low | The container platform must display the Standard Mandatory DoD Notice and Consent Banner before granting access to platform components. | The container platform has countless components where different access levels are needed. To control access, the user must first log in to the component and then be presented with a DoD-approved... |