The container platform must maintain the confidentiality and integrity of information during reception.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-233227	SRG-APP-000442-CTR-001095	SV-233227r961641_rule		Medium

Description

Information either can be unintentionally or maliciously disclosed or modified during reception for reception within the container platform during aggregation, at protocol transformation points, and during container image runtime. These unauthorized disclosures or modifications compromise the confidentiality or integrity of the information. When receiving data, the container platform components need to leverage protection mechanisms, such as TLS, TLS VPNs, or IPsec.

STIG	Date
Container Platform Security Requirements Guide	2025-05-15

Details

Check Text (C-36163r601819_chk)

Review documentation and configuration settings to determine if the container platform maintains the confidentiality and integrity of information during reception.

If confidentiality and integrity are not maintained using mechanisms such as TLS, TLS VPNs, or IPsec during reception, this is a finding.

Fix Text (F-36131r601169_fix)

Configure the container platform to maintain the confidentiality and integrity using mechanisms such as TLS, TLS VPNs, or IPsec during reception.