UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

All interactions between guest VMs and external systems, via other interface devices, must be mediated by the VMM or its service VMs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-207417 SRG-OS-000242-VMM-000850 SV-207417r379213_rule Medium
Description
Mechanisms to detect and prevent unauthorized communication flow must be configured or provided as part of the VMM design. If information flow control is not enforced based on proper functioning of the VMM and its service and helper VMs, the VMM may become compromised. Information flow control regulates where information is allowed to travel between a VMM (and its guest VMs) and external systems. In some cases, the VMM may delegate interface device management to a service VM, but the VMM still maintains control of all information flows. The flow of all system information must be monitored and controlled so it does not introduce any unacceptable risk to the VMM, its guest VMs, or data.
STIG Date
Virtual Machine Manager Security Requirements Guide 2023-09-12

Details

Check Text ( C-7674r365661_chk )
Verify all interactions between guest VMs and external systems, via other interface devices, are mediated by the VMM or its service VMs.

If they are not, this is a finding.
Fix Text (F-7674r365662_fix)
Configure all interactions between guest VMs and external systems, via other interface devices, are mediated by the VMM or its service VMs.