STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform registry must prohibit installation or modification of container images without explicit privileged status.

DISA Rule

SV-233186r599509_rule

Vulnerability Number

V-233186

Group Title

SRG-APP-000378

Rule Version

SRG-APP-000378-CTR-000890

Severity

CAT II

CCI(s)

• CCI-001812 - The information system prohibits user installation of software without explicit privileged status.

Weight

10

Fix Recommendation

Document and obtain approval for any non-administrative users who require the ability to create, alter, or replace container images within the container platform registry. Implement the approved permissions. Revoke any unapproved permissions.

Check Contents

Review container platform registry security settings with respect to non-administrative users' ability to create, alter, or replace container images.

If any such permissions exist and are not documented and approved, this is a finding.

Vulnerability Number

V-233186

Documentable

False

Rule Version

SRG-APP-000378-CTR-000890

Severity Override Guidance

Review container platform registry security settings with respect to non-administrative users' ability to create, alter, or replace container images.

If any such permissions exist and are not documented and approved, this is a finding.

Check Content Reference

M

Target Key

5239

Comments