UCF STIG Viewer Logo

The container platform must behave in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.


Overview

Finding ID Version Rule ID IA Controls Severity
V-233228 SRG-APP-000447-CTR-001100 SV-233228r601822_rule Medium
Description
Software or code parameters typically follow well-defined protocols that use structured messages (i.e., commands or queries) to communicate between software modules or system components. Structured messages can contain raw or unstructured data interspersed with metadata or control information. If attacker-supplied inputs to construct structured messages without properly encoding such messages, then the attacker could insert malicious commands or special characters that can cause the data to be interpreted as control information or metadata. This requirement guards against adverse or unintended system behavior caused by invalid inputs, where container platform components responses to the invalid input may be disruptive or cause the container image runtime to fail into an unsafe state. The behavior will be derived from the organizational and system requirements and includes, but is not limited to, notification of the appropriate personnel, creating an audit record, and rejecting invalid input.
STIG Date
Container Platform Security Requirements Guide 2021-12-14

Details

Check Text ( C-36164r601821_chk )
Review the configuration to determine if the container platform behaves in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.

If the container platform does not meet this requirement, this is a finding.
Fix Text (F-36132r601172_fix)
Configure the container platform behave in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.