STIGQter: STIG Summary: Container Platform Security Requirements Guide, Version: 1, Release: 1, Benchmark Date: 20 Nov 2020

The container platform must prohibit containers from accessing privileged resources.

DISA Rule

SV-233127r599607_rule

Vulnerability Number

V-233127

Group Title

SRG-APP-000243

Rule Version

SRG-APP-000243-CTR-000595

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the container platform to block instantiation of containers requesting access to host system-privileged resources.

Check Contents

Review documentation and configuration to determine if the container platform disallows instantiation of containers trying to access host system privileged resources.

If the container platform does not block containers requesting host system privileged resources, this is a finding.

Documentable

False

Severity Override Guidance

Review documentation and configuration to determine if the container platform disallows instantiation of containers trying to access host system privileged resources.

If the container platform does not block containers requesting host system privileged resources, this is a finding.

Check Content Reference

M

Target Key

5239

Comments