Check: APAS-CF-000835
Adobe ColdFusion STIG: APAS-CF-000835 (in version v1 r1)
Title
ColdFusion must set an organization defined maximum JVM heap size. (Cat II impact)
Discussion
Setting an appropriate maximum JVM heap size is crucial to balance server performance and resource usage. If the heap size is set too low, it can lead to frequent garbage collection, which can degrade performance. Conversely, if the heap size is set too high, it can consume excessive memory, leading to resource exhaustion and potential denial-of-service (DoS) attacks. By configuring a balanced maximum JVM heap size, the server can efficiently manage memory, ensuring optimal performance and availability.
Check Content
Verify JVM Arguments heap size. From the Admin Console Landing Screen, navigate to Server Settings >> Java and JVM. If the "Maximum JVM Heap Size (in MB)" is not set to the required amount, this is a finding.
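The same check can be scripted against the configuration file rather than read off the console. The following is an added example, not part of the STIG or of Adobe's code. It assumes the console value is persisted as an `-Xmx` option on the `java.args` line of ColdFusion's `jvm.config`; the function names and the sample file content are constructed for illustration.

```python
import re

# Assumption: ColdFusion keeps JVM options on a "java.args=" line in
# jvm.config, and the Admin Console heap field is stored there as -Xmx.
_XMX = re.compile(r"(?<!\S)-Xmx(\d+)([kKmMgG]?)(?!\S)")
_TO_BYTES = {"": 1, "k": 1024, "m": 1024**2, "g": 1024**3}


def max_heap_mb(jvm_config_text):
    """Return the effective -Xmx in MB, or None when no -Xmx is set."""
    effective = None
    for raw in jvm_config_text.splitlines():
        line = raw.strip()
        # Skip comments and every property other than java.args.
        if line.startswith("#") or not line.startswith("java.args"):
            continue
        _, _, args = line.partition("=")
        for number, unit in _XMX.findall(args):
            # HotSpot honours the last -Xmx when the flag is repeated.
            effective = int(number) * _TO_BYTES[unit.lower()] / 1024**2
    return effective


def check_heap(jvm_config_text, required_mb):
    """Evaluate the check and return (is_finding, reason)."""
    actual = max_heap_mb(jvm_config_text)
    if actual is None:
        return True, "no -Xmx in java.args; heap falls back to the JVM default"
    if actual != required_mb:
        return True, f"-Xmx is {actual:g} MB, required {required_mb} MB"
    return False, f"-Xmx matches the required {required_mb} MB"


# Constructed sample input, not taken from a real server.
SAMPLE = """\
# VM configuration
java.home=/opt/coldfusion/jre
java.args=-server -Xms256m -Xmx1024m -XX:+UseParallelGC -Xmx2g
"""

if __name__ == "__main__":
    finding, reason = check_heap(SAMPLE, required_mb=2048)
    print("FINDING" if finding else "NOT A FINDING", "-", reason)
```

The repeated `-Xmx` in the sample shows why a plain text search for the first match is not enough: the earlier `1024m` is overridden by the later `2g`.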
Fix Text
Configure JVM Arguments heap size.
1. From the Admin Console Landing Screen, navigate to Server Settings >> Java and JVM.
2. Set "Maximum JVM Heap Size (in MB)" to the appropriate amount.
3. Select "Submit Changes".
Additional Identifiers
Rule ID: SV-279090r1171582_rule
Vulnerability ID: V-279090
Group Title: SRG-APP-000435-AS-000163
CCIs
| Number | Definition |
|---|---|
| CCI-002385 | Protect against or limit the effects of organization-defined types of denial-of-service events. |
Controls
| Number | Title |
|---|---|
| SC-5 | Denial-of-service Protection |