The vCenter Server for Windows must disable SNMPv1.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-216889	VCWN-65-006000	SV-216889r612237_rule		Medium

Description
SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy while previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication. SNMPv3 is not supported in vCenter Server for Windows.

STIG	Date
VMW vSphere 6.5 vCenter Server for Windows Security Technical Implementation Guide	2021-06-23

Details

Check Text ( C-18120r366381_chk )
NOTE: For the vCenter 6.5 Server Appliance, this requirement is Not Applicable. In the vSphere Web Client go to a vCenter Server instance. Click the Configure tab >> Settings >> General. On the vCenter Server Settings central pane, click Edit. Click SNMP receivers to edit their settings. Ensure no information for SNMP receivers are entered. If there are SNMP receivers configured, this is a finding.

Check Text ( C-18120r366381_chk )

NOTE: For the vCenter 6.5 Server Appliance, this requirement is Not Applicable.

In the vSphere Web Client go to a vCenter Server instance.
Click the Configure tab >> Settings >> General.
On the vCenter Server Settings central pane, click Edit.
Click SNMP receivers to edit their settings.
Ensure no information for SNMP receivers are entered. If there are SNMP receivers configured, this is a finding.

Fix Text (F-18118r366382_fix)
In the vSphere Web Client go to a vCenter Server instance. Click the Configure tab >> Settings >> General. On the vCenter Server Settings central pane, click Edit. Click SNMP receivers to edit their settings. Remove any SNMP receivers that exist.