Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-233226 | SRG-APP-000441-CTR-001090 | SV-233226r601818_rule | Medium |
Description |
---|
Information may be unintentionally or maliciously disclosed or modified during preparation for transmission within the container platform during aggregation, at protocol transformation points, and during container image runtime. These unauthorized disclosures or modifications compromise the confidentiality or integrity of the information. When transmitting data, the container platform components need to leverage transmission protection mechanisms, such as TLS, TLS VPNs, or IPsec. |
STIG | Date |
---|---|
Container Platform Security Requirements Guide | 2021-12-14 |
Check Text ( C-36162r601817_chk ) |
---|
Review the documentation and deployed configuration to determine if the container platform maintains the confidentiality and integrity of information during preparation before transmission. If the confidentiality and integrity are not maintained using mechanisms such as TLS, TLS VPNs, or IPsec during preparation before transmission, this is a finding. |
Fix Text (F-36130r601166_fix) |
---|
Configure the container platform to maintain the confidentiality and integrity of information using mechanisms such as TLS, TLS VPNs, or IPsec during preparation for transmission. |