STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.

DISA Rule

SV-233102r599593_rule

Vulnerability Number

V-233102

Group Title

SRG-APP-000178

Rule Version

SRG-APP-000178-CTR-000470

Severity

CAT II

CCI(s)

• CCI-000206 - The information system obscures feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.

Weight

10

Fix Recommendation

Configure the container platform to obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.

Check Contents

Review container platform documentation and configuration to determine if any interfaces that are provided for authentication purposes display the user's password when it is typed into the data entry field.

If authentication information is not obfuscated when entered, this is a finding.

Vulnerability Number

V-233102

Documentable

False

Rule Version

SRG-APP-000178-CTR-000470

Severity Override Guidance

Review container platform documentation and configuration to determine if any interfaces that are provided for authentication purposes display the user's password when it is typed into the data entry field.

If authentication information is not obfuscated when entered, this is a finding.

Check Content Reference

M

Target Key

5239

Comments