Check: APAS-CF-000810
Adobe ColdFusion STIG: APAS-CF-000810 (in version v1 r1)
Title
ColdFusion must limit the maximum post data size. (Cat II impact)
Discussion
Limiting the maximum post data size is essential to prevent resource exhaustion and potential denial-of-service (DoS) attacks. Without a limit, excessively large post data can consume server resources, leading to performance degradation or crashes. By setting a maximum post data size, the server can manage its resources more effectively, ensuring that it remains responsive and available to handle client requests efficiently.
Check Content
Verify Default Maximum size of post data settings.
1. From the Admin Console Landing Screen, navigate to Server Settings >> Settings.
2. Interview the administrator to determine what maximum post data size is required for the hosted applications.

If the "Maximum size of post data" is set to a number larger than required, this is a finding.
Fix Text
Configure Maximum size of post data settings.
1. From the Admin Console Landing Screen, navigate to Server Settings >> Settings.
2. Set "Maximum size of post data settings" to the required amount.
3. Select "Submit Changes".
Additional Identifiers
Rule ID: SV-279087r1171035_rule
Vulnerability ID: V-279087
Group Title: SRG-APP-000435-AS-000163
CCIs
| Number | Definition |
|---|---|
| CCI-002385 | Protect against or limit the effects of organization-defined types of denial-of-service events. |
Controls
| Number | Title |
|---|---|
| SC-5 | Denial-of-service Protection |