The container platform must use TLS 1.2 or greater for secure communication.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-233016	SRG-APP-000014-CTR-000040	SV-233016r600537_rule		Medium

Description
The authenticity and integrity of the container platform and communication between nodes and components must be secure. If an insecure protocol is used during transmission of data, the data can be intercepted and manipulated. The manipulation of data can be used to inject status changes of the container platform, causing the execution of containers or reporting an incorrect healthcheck. To thwart the manipulation of the data during transmission, a secure protocol (TLS 1.2 or newer) must be used. Further guidance on secure transport protocols can be found in NIST SP 800-52.

Description

The authenticity and integrity of the container platform and communication between nodes and components must be secure. If an insecure protocol is used during transmission of data, the data can be intercepted and manipulated. The manipulation of data can be used to inject status changes of the container platform, causing the execution of containers or reporting an incorrect healthcheck. To thwart the manipulation of the data during transmission, a secure protocol (TLS 1.2 or newer) must be used. Further guidance on secure transport protocols can be found in NIST SP 800-52.

STIG	Date
Container Platform Security Requirements Guide	2021-12-14

Details

Check Text ( C-35952r600535_chk )
Review the container platform configuration to verify that TLS 1.2 or greater is being used for communication by the container platform nodes and components. If TLS 1.2 or greater is not being used for secure communication, this is a finding.

Fix Text (F-35920r600536_fix)
Configure the container platform to use TLS 1.2 or greater for node and component communication.