Skip to content

The container platform must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

An XCCDF Rule

Description

<VulnDiscussion>The container platform is responsible for offering services to users. These services could be across diverse user groups and data types. To protect information about the container platform, services, users, and data, it is important during error message generation to offer enough information to diagnose the error, but not reveal information that needs to be protected.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-233133r961167_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Configure the container platform to not write sensitive information into the logs and administrative messages.