XCCDF scanning Ubuntu 24.04 Docker container image shows 0 result #2316
Description
When scanning an Ubuntu 24.04 LTS Docker container image and exporting the XCCDF file for STIG Viewer, the STIG Viewer displays no information in the Finding Details field.
The HTML report works.
There is no issue when scanning an Ubuntu 22.04 LTS Docker image.
OpenSCAP version 1.4.3
SCAP SSG version 0.1.79 and DISA STIG for Canonical Ubuntu 24.04 LTS V1R1 profile.
Steps to reproduce:
-
Run an Ubuntu 24.04 Docker container with background execution then grab the ContainerID
docker run -dit --user root --entrypoint tail "imageID" -f /dev/null
docker ps -
ExportHTML Report with:
oscap-docker container 69292de0bce9 xccdf eval --profile xccdf_org.ssgproject.content_profile_stig --report CAN_Ubuntu_24-04_OSCAP-Report_20260220.html /usr/share/xml/scap/scap-security-guide-0.1.79/ubuntu2404-ds.xml -
Export XCCDF file:
oscap-docker container 69292de0bce9 xccdf eval --profile xccdf_org.ssgproject.content_profile_stig --stig-viewer CAN_Ubuntu_24-04_STIG-Viewer_20260220.xml /usr/share/xml/scap/scap-security-guide-0.1.79/ubuntu2404-ds.xml -
Import XCCDF file to STIG Viewer 2
Create new checklist from Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide
Click the New Checklist tab, then Import XCCDF Results File, select and open the "CAN_Ubuntu_24-04_STIG-Viewer_20260220.xml" file.