The container platform must be configured with only essential configurations.

STIG ID: SRG-APP-000141-CTR-000315  |  SRG: SRG-APP-000141 |  Severity: medium |  CCI: CCI-000381 |  Vulnerability Id: V-233071

Vulnerability Discussion

The container platform can be built with components that are not used for the intended purpose of the organization. To limit the attack surface of the container platform, it is essential that the non-essential services are not installed.

Check

Review the container platform configuration and verify that only those components needed for operation are installed.

If components are installed that are not used for the intended purpose of the organization, this is a finding.

Fix

Identify the role the container platform is intended to play in the production environment and remove any components that are not needed or used for the intended purpose.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.