Skip to content
Catalogs
XCCDF
Container Platform Security Requirements Guide
SRG-APP-000447
The container platform must behave in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.
The container platform must behave in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received. An XCCDF Rule
The container platform must behave in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.
Medium Severity
<VulnDiscussion>Software or code parameters typically follow well-defined protocols that use structured messages (i.e., commands or queries) to communicate between software modules or system components. Structured messages can contain raw or unstructured data interspersed with metadata or control information. If attacker-supplied inputs to construct structured messages without properly encoding such messages, then the attacker could insert malicious commands or special characters that can cause the data to be interpreted as control information or metadata.
This requirement guards against adverse or unintended system behavior caused by invalid inputs, where container platform components responses to the invalid input may be disruptive or cause the container image runtime to fail into an unsafe state.
The behavior will be derived from the organizational and system requirements and includes, but is not limited to, notification of the appropriate personnel, creating an audit record, and rejecting invalid input.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>