STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform application program interface (API) must uniquely identify and authenticate processes acting on behalf of the users.

DISA Rule

SV-233078r599565_rule

Vulnerability Number

V-233078

Group Title

SRG-APP-000148

Rule Version

SRG-APP-000148-CTR-000350

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Configure the container platform API to uniquely identify and authenticate processes acting on behalf of users.

Check Contents

Review the container platform API configuration to determine if processes acting on behalf of users are uniquely identified and authenticated.

If processes acting on behalf of users are not uniquely identified or are not authenticated, this is a finding.

Vulnerability Number

V-233078

Documentable

False

Rule Version

SRG-APP-000148-CTR-000350

Severity Override Guidance

Review the container platform API configuration to determine if processes acting on behalf of users are uniquely identified and authenticated.

If processes acting on behalf of users are not uniquely identified or are not authenticated, this is a finding.

Check Content Reference

M

Target Key

5239

Comments