UCF STIG Viewer Logo

VirtualCenter vpxuser has been modified.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15874 ESX0750 SV-16815r1_rule ECCD-1 ECCD-2 High
Description
The vpxuser is created when the ESX Server host is attached to VirtualCenter. It is not present on the ESX Server host unless the host is being managed through VirtualCenter. SAs will not change vpxuser and its default permissions. Modifying these permissions may create problems working with the ESX Server host through VirtualCenter.
STIG Date
VMware ESX 3 Server 2016-05-13

Details

Check Text ( C-16238r1_chk )
On the ESX Server service console perform the following:
# grep vpx /etc/passwd

Output should appear as follows:
vpxuser:x:500:100:Vmware VirtualCenter administration account: /home/vpxuser:/bin/false

#grep vpx /etc/shadow
Output should appear as follows:
vpxuser:(hash value)/:13995:1:360:14::: (These numbers may be different based on the site)

If any of these files have been changed from the above values for the vpxuser, this is a finding.

Fix Text (F-15834r1_fix)
Do not modify the vpxuser account.