CCC.CntrReg.TH01: Vulnerabilities in Artifacts are Exploited
Threat ID:CCC.CntrReg.TH01
Title:Vulnerabilities in Artifacts are Exploited
Description:
Attackers exploit known vulnerabilities in container images or artifacts stored in the registry, leading to unauthorized access, data breaches, or system compromise.
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.CntrReg.F05 | Image Scanning | Provides vulnerability scanning for container images (built-in or through integration to scanning services) to detect security issues and generate reports for known CVEs (Common Vulnerabilities and Exposures). |
Controls
| ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
|---|---|---|---|---|---|---|
| CCC.CntrReg.C01 | Implement Vulnerability Scanning for Artifacts | Ensure that container images and artifacts stored in the container registry are scanned for vulnerabilities to identify and remediate security issues before deployment. | Risk Management | 1 | 3 | 1 |