STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Adobe ColdFusion Security Technical Implementation Guide

V-279085

CAT II (Medium)

ColdFusion must limit the in-memory size of the virtual file system.

Rule ID

SV-279085r1171029_rule

STIG

Adobe ColdFusion Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-002385

Discussion

Limiting the in-memory size of the virtual file system is essential to prevent resource exhaustion and potential denial-of-service (DoS) attacks. Without a limit, the virtual file system can consume excessive memory, leading to performance degradation or server crashes. By setting a maximum in-memory limit, the server can manage its resources more effectively, ensuring that it remains responsive and available to handle client requests efficiently.

Check Content

Verify Memory Limit settings.

1. From the Admin Console Landing Screen, navigate to Server Settings >> Settings.

2. Interview the administrator to determine how much space if needed for the in-memory virtual file system.

If the "Memory Limit for In-Memory Virtual File System" is set to a number larger than required, this is a finding.

Fix Text

Configure Memory Limit settings.

1. From the Admin Console Landing Screen, navigate to Server Settings >> Settings.

2. Set "Memory Limit for In-Memory Virtual File System" to the required amount.

3. Select "Submit Changes".