STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must prohibit communication using TLS versions 1.0 and 1.1, and SSL 2.0 and 3.0.

DISA Rule

SV-233276r599509_rule

Vulnerability Number

V-233276

Group Title

SRG-APP-000560

Rule Version

SRG-APP-000560-CTR-001340

Severity

CAT II

CCI(s)

CCI-001453 - The information system implements cryptographic mechanisms to protect the integrity of remote access sessions.

Weight

Fix Recommendation

Configure the container platform to prohibit communication using TLS versions 1.0 and 1.1, SSL 2.0 and 3.0.

Check Contents

Review the container platform configuration to determine if TLS versions 1.0 and 1.1, SSL 2.0 and 3.0 are prohibited for communication.

If communication using TLS versions 1.0 and 1.1, SSL 2.0 and 3.0 is permitted, this is a finding.

Vulnerability Number

V-233276

Documentable

False

Rule Version

SRG-APP-000560-CTR-001340

Severity Override Guidance

Check Content Reference

Target Key

5239

The container platform must prohibit communication using TLS versions 1.0 and 1.1, and SSL 2.0 and 3.0.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments