Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Root passwords must never be passed over a network in clear text form.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| GEN001100-ESXI5-PNF | GEN001100-ESXI5-PNF | GEN001100-ESXI5-PNF_rule | High |
| Description |
|---|
| If a user accesses the root account (or any account) using an unencrypted connection, the password is passed over the network in clear text form and is subject to interception and misuse. This is true even if recommended procedures are followed by logging on to a named account and using the su command to access root. Applicable, but permanent not-a-finding - SSH is disabled by default, root login via SSH is disabled-by-default, and full lockdown including the DCUI is required. |
| STIG | Date |
|---|---|
| VMware ESXi v5 Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-GEN001100-ESXI5-PNF_chk ) |
|---|
| ESXi supports this requirement and cannot be configured to be out of compliance. This is a permanent not a finding. |
| Fix Text (F-GEN001100-ESXI5-PNF_fix) |
|---|
| This requirement is permanent not a finding. No fix is required. |