UCF STIG Viewer Logo

The container platform must maintain the confidentiality and integrity of information during reception.


Overview

Finding ID Version Rule ID IA Controls Severity
V-233227 SRG-APP-000442-CTR-001095 SV-233227r601820_rule Medium
Description
Information either can be unintentionally or maliciously disclosed or modified during reception for reception within the container platform during aggregation, at protocol transformation points, and during container image runtime. These unauthorized disclosures or modifications compromise the confidentiality or integrity of the information. When receiving data, the container platform components need to leverage protection mechanisms, such as TLS, TLS VPNs, or IPsec.
STIG Date
Container Platform Security Requirements Guide 2021-12-14

Details

Check Text ( C-36163r601819_chk )
Review documentation and configuration settings to determine if the container platform maintains the confidentiality and integrity of information during reception.

If confidentiality and integrity are not maintained using mechanisms such as TLS, TLS VPNs, or IPsec during reception, this is a finding.
Fix Text (F-36131r601169_fix)
Configure the container platform to maintain the confidentiality and integrity using mechanisms such as TLS, TLS VPNs, or IPsec during reception.