The container platform must separate user functionality (including user interface services) from information system management functionality.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-233114 | SRG-APP-000211-CTR-000530 | SV-233114r961095_rule | CCI-001082 | medium |
| Description |
| Separating user functionality from management functionality is a requirement for all the components within the container platform. Without the separation, users may have access to management functions that can degrade the container platform and the services being offered and can offer a method to bypass testing and validation of functions before they are introduced into a production environment. The separation should be enforced by each component within the container platform. |
| STIG | Date |
| Container Platform Security Requirements Guide | 2025-05-15 |
Related Frameworks
3 paths across 3 frameworks
NIST 800-53 (1 mapping)
SC-2
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-171 (1 mapping)
3.13.3
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI (1 mapping)
CCI-001082
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-233114r961095_chk)
Review the container platform configuration to determine if management functionality is separated from user functionality.
Validate that the separation is also implemented within the components by trying to execute management functions for each component as a user.
If the container platform is not configured to separate management and user functionality or if component management and user functionality are not separated, this is a finding.
Fix Text (F-36018r600830_fix)
Configure the container platform and its components to separate management and user functionality.