ColdFusion must limit the in-memory size of the virtual file system.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-279085	SRG-APP-000435-AS-000163	APAS-CF-000795	SV-279085r1171029_rule	2025-12-19	1

Description
Limiting the in-memory size of the virtual file system is essential to prevent resource exhaustion and potential denial-of-service (DoS) attacks. Without a limit, the virtual file system can consume excessive memory, leading to performance degradation or server crashes. By setting a maximum in-memory limit, the server can manage its resources more effectively, ensuring that it remains responsive and available to handle client requests efficiently.

Description

Limiting the in-memory size of the virtual file system is essential to prevent resource exhaustion and potential denial-of-service (DoS) attacks. Without a limit, the virtual file system can consume excessive memory, leading to performance degradation or server crashes. By setting a maximum in-memory limit, the server can manage its resources more effectively, ensuring that it remains responsive and available to handle client requests efficiently.

ℹ️ Check
Verify Memory Limit settings. 1. From the Admin Console Landing Screen, navigate to Server Settings >> Settings. 2. Interview the administrator to determine how much space if needed for the in-memory virtual file system. If the "Memory Limit for In-Memory Virtual File System" is set to a number larger than required, this is a finding.

✔️ Fix
Configure Memory Limit settings. 1. From the Admin Console Landing Screen, navigate to Server Settings >> Settings. 2. Set "Memory Limit for In-Memory Virtual File System" to the required amount. 3. Select "Submit Changes".