UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The virtual system hardware of a virtual machine must be kept secured/updated.


Overview

Finding ID Version Rule ID IA Controls Severity
V-39502 ESXI5-VM-000048 SV-51360r1_rule High
Description
A key to understanding the security requirements of a virtualized environment is the recognition that a virtual machine is, in most respects, the equivalent of a physical server. Virtual machines that are not updated can potentially cause unexpected behavior in a VM guest operating system. Therefore, it is critical to employ the same security/update measures in virtual machine/hardware that would be done for physical servers.
STIG Date
VMware ESXi Version 5 Virtual Machine Security Technical Implementation Guide 2015-05-11

Details

Check Text ( C-46762r1_chk )
Ask the SA if all active and dormant virtual machine hardware versions are kept patched and up to date.

If all virtual machines are not patched and up to date, this is a finding.
Fix Text (F-44514r1_fix)
Patch and update all active and dormant virtual machine hardware.