ColdFusion must limit the in-memory size of the virtual file system.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-279085 | SRG-APP-000435-AS-000163 | APAS-CF-000795 | SV-279085r1171029_rule | 2025-12-19 | 1 |
Description
Limiting the in-memory size of the virtual file system is essential to prevent resource exhaustion and potential denial-of-service (DoS) attacks. Without a limit, the virtual file system can consume excessive memory, leading to performance degradation or server crashes. By setting a maximum in-memory limit, the server can manage its resources more effectively, ensuring that it remains responsive and available to handle client requests efficiently.
ℹ️ Check
Verify Memory Limit settings.
1. From the Admin Console Landing Screen, navigate to Server Settings >> Settings.
2. Interview the administrator to determine how much space if needed for the in-memory virtual file system.
If the "Memory Limit for In-Memory Virtual File System" is set to a number larger than required, this is a finding.
✔️ Fix
Configure Memory Limit settings.
1. From the Admin Console Landing Screen, navigate to Server Settings >> Settings.
2. Set "Memory Limit for In-Memory Virtual File System" to the required amount.
3. Select "Submit Changes".