STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

Vulnerability scanning applications must implement privileged access authorization to all container platform components, containers, and container images for selected organization-defined vulnerability scanning activities.

DISA Rule

SV-233210r599509_rule

Vulnerability Number

V-233210

Group Title

SRG-APP-000414

Rule Version

SRG-APP-000414-CTR-001010

Severity

CAT II

CCI(s)

• CCI-001067 - The information system implements privileged access authorization to organization-identified information system components for selected organization-defined vulnerability scanning activities.

Weight

10

Fix Recommendation

Configure the vulnerability scanning application to have privileged access to the container platform components, containers, and container images.

Check Contents

Validate that scanning applications have privileged access to container platform components, containers, and container images to properly perform vulnerability scans.

If privileged access is not given to the scanning application, this is a finding.

Vulnerability Number

V-233210

Documentable

False

Rule Version

SRG-APP-000414-CTR-001010

Severity Override Guidance

Validate that scanning applications have privileged access to container platform components, containers, and container images to properly perform vulnerability scans.

If privileged access is not given to the scanning application, this is a finding.

Check Content Reference

M

Target Key

5239

Comments