Tanzu Application Service (TAS for VMs) is compliant with this requirement.
Errors returned from TAS for VMs APIs and UIs contain enough information to determine the nature of the problem, but do not disclose inappropriate information such as passwords. System logs that stream to a syslog endpoint are similarly designed to avoid disclosing sensitive information to an unauthorized listener.
Application code is the deployer’s responsibility. Authorization to see application logs may be controlled by the Cloud Controller RBAC restrictions, which are scoped by Org and Space abstractions.
The deployer may use a nozzle to direct log streams from the Firehose to secure drains. The deployer may also use authorization controls present in their third-party log management system to control access to archival logs.
The BOSH Director, Tanzu Operations Manager, and other TAS for VMs system components also stream component logs via syslog. Deployers may restrict these logs to specific personnel based on their source.
The information system:
Organizations carefully consider the structure/content of error messages. The extent to which information systems are able to identify and handle error conditions is guided by organizational policy and operational requirements. Information that could be exploited by adversaries includes, for example, erroneous logon attempts with passwords entered by mistake as the username, mission/business information that can be derived from (if not stated explicitly by) information recorded, and personal information such as account numbers, social security numbers, and credit card numbers. In addition, error messages may provide a covert channel for transmitting information.