UCF STIG Viewer Logo

No documented configuration management process exists for VirtualCenter changes.


Finding ID Version Rule ID IA Controls Severity
V-15878 ESX0790 SV-16819r1_rule Medium
VirtualCenter objects might have multiple permissions for users and or groups. Permissions are applied hierarchically downward on these objects. For each permission the administrator must decide if the permission applies only to that immediate object, or downward to all sub objects. Permissions may be overridden by setting different permissions on a lower object. These situations can create confusion and permissions that were thought to be limited might actually be elevated. Furthermore, all changes take affect immediately not requiring users to log off and log back in. Configuration management is critical for all modifications since the new change may override previously configured permissions.
VMware ESX 3 Policy 2016-05-03


Check Text ( C-16236r1_chk )
Request a copy of the configuration management process document. If the document is incomplete or does not exist, this is a finding.
Fix Text (F-15838r1_fix)
Document a configuration management process for all VirtualCenter modifications.