STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must prohibit the installation of patches and updates without explicit privileged status.

DISA Rule

SV-233184r599633_rule

Vulnerability Number

V-233184

Group Title

SRG-APP-000378

Rule Version

SRG-APP-000378-CTR-000880

Severity

CAT II

CCI(s)

• CCI-001812 - The information system prohibits user installation of software without explicit privileged status.

Weight

10

Fix Recommendation

Configure the container platform to only allow patch installation and upgrades using privileged accounts.

Check Contents

Review the container platform configuration to determine if patches and updates can only be installed through accounts with privileged status.

Attempt to install a patch or upgrade using a non-privileged user account.

If patches or updates can be installed using a non-privileged account or the container platform is not configured to stop the installation using a non-privileged account, this is a finding.

Vulnerability Number

V-233184

Documentable

False

Rule Version

SRG-APP-000378-CTR-000880

Severity Override Guidance

Review the container platform configuration to determine if patches and updates can only be installed through accounts with privileged status.

Attempt to install a patch or upgrade using a non-privileged user account.

If patches or updates can be installed using a non-privileged account or the container platform is not configured to stop the installation using a non-privileged account, this is a finding.

Check Content Reference

M

Target Key

5239

Comments